Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Millions of email warnings were sent out by Marriot on Friday to warn customers about the massive data breach which has affected close to half a billion guest data. more
Throughout the course of my career I've been blessed to work with some of the most talented folks in the security and cyber threat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Before I came to lead the Verisign iDefense team about five years ago, I had to evaluate external cyber-intelligence vendors to complement and expand the enterprise capabilities of my former organization. more
U.S. federal government officials have revealed Russian hackers have been able to gain access to the networks of electric utilities in the country, according to a report by The Wall Street Journal. more
Anyone that has attended a meeting of the Internet Engineering Task Force (IETF) will know that the somewhat dry topic of internet protocols is often the source of passionate disagreement. But rarely does that debate extend beyond the confines of internet engineers. That has not been the case with a new protocol which aims to make the Internet's underlying domain name system more secure by default. more
We touched on this subject in the past, but recently Rich Kulawiek wrote a very interesting email to NANOG to which I replied, and decided to share my answer here as well: I stopped really counting bots a while back. I insisted, along with many friends, that counting botnets was what matters. When we reached thousands we gave that up. We often quoted anti-nuclear weapons proliferation sentiments from the Cold War, such as: "why be able to destroy the world a thousand times over if once is more than enough?" we often also changed it to say "3 times" as redundancy could be important... more
This is, of course, about the recent NYT article that showcases the results of Prof Stefan Savage and his colleagues from UCSD/Berkeley. As my good friend and longtime volunteer at CAUCE, Ed Falk, points out, this is a great find, but hardly a FUSSP. The nice thing about the fight against bots and spammers is these little victories people on "our" side keep having in an endless series of skirmishes and battles... more
The UK today is one of the main attack targets by phishing organized crime groups, globally. Phishing damages will amount to about two billions USD in 2006 worldwide -- not counting risk management measures such as preventative measures, counter-measures, incident response and PR damages. In most cases, phishing is caused by the fault of the users, either by entering the wrong web page, not keeping their computers secure or falling for cheap scams. Often this is due to lack of awareness or ability in the realm of Internet use rather than incompetence by the users... more
A new malware designed to manipulate industrial safety systems was deployed against a critical infrastructure organization that provides emergency shutdown capability for industrial processes, according to a report released today. more
I'm not even sure how to begin this post, but let me tell you -- my head explodes when I try to contact WHOIS "contacts" about criminal activity - FAIL. I think ICANN wants to do the right thing here, and has stated on multiple occasions that inaccurate WHOIS data is reason for registrar termination. That's a Good Thing... more
Black Frog -- a new effort to continue the SO-CALLED Blue Security fight against spammers. A botnet, a crime, a stupid idea that I wish would have worked -- News items on Black Frog. Blue Frog by Blue Security was a good effort. Why? Because they wanted to "get spammers back". They withstood tremendous DDoS attacks and abuse reports, getting kicked from ISP after ISP. ...The road to hell is filled with good intentions. Theirs was golden, but they got to hell, quite literally, non-the-less. ...When Blue Security went down, some of us made a bet as to when two bored guys sitting and planning their millions in some café would show up, with Blue Security's business plan minus the DDoS factor. Well -- they just did. more
During a talk at the RSA Conference, security expert Bruce Schneier called for the creation of a new government agency that focuses on internet of things regulation, arguing that "the risks are too great, and the stakes are too high" to do nothing. more
Researchers at security service provider, Zscaler, are reporting that in the past six months they have blocked over 2.5 billion web-based cryptomining attempts within their cloud service. more
This very interesting document was released by ICANN's Generic Names Supporting Organization (GNSO) for public comment yesterday. And it asks some fundamental questions while at the same time pointing to sources such as the Honeynet Alliance's reports on fast flux. more
Oracle today announced the launch of the Internet Intelligence Map website; a source available for free that provides country-level connectivity statistics based on traceroutes, BGP, and DNS query volumes on a single dashboard. more
The public discussion of surveillance one year on from the Snowden revelations remains a search for the biggest sinner. New stories 'outing' countries and companies are great transparency and essential for healthy societies but they have a side effect that isn't so benign: they create an evergreen source of new justifications for security services to demand more money for a surveillance and counter-surveillance arms race. more
A World-Renowned Source for Internet Developments. Serving Since 2002.