Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
The deployment of Domain Security Extensions (DNSSEC) has crossed another milestone this month with the publication of DURZ (deliberately unvalidatable root zone) in all DNS root servers on 5 May 2010. While this change was virtually invisible to most Internet users, this event and the remaining testing that will occur over these next two months will dictate the ultimate success of DNSSEC deployment across the Internet. more
U.S. Department of Homeland Security (DHS) and the FBI today released a technical alert based joint-effort analysis of methods behind North Korea’s cyberattacks. more
Last week at RSA, Bruce Schneier gave a talk on the top 3 emerging threats on the Internet. Whereas we in the security field usually talk about spam, malware and cyber crime, he talked about three meta-trends that all have the potential to be more dangerous than the cybercriminals. Here are my notes. more
As a reader of this article, you are probably familiar with the DNS cache poisoning techniques discovered a few years ago. And you have most likely heard that DNSSEC is the long term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with our own rollout until you could gather more documentation over the operational experience when rolling out DNSSEC. This article summarizes authors' experiences and learnings from implementing the technology in production environments as well as discusses associated operational issues. more
Equifax has blamed a flaw in the software running its online databases for the massive breach revealed last week that has allowed hackers to steal personal information of as many as 143 million customers. more
Microsoft has taken control of 50 domains used by a North Korean cybercrime group dubbed "Thallium" to steal information from users, including government employees, think tanks, university staff members, and those working on nuclear proliferation issues. more
In March of 2018, abuse.ch, a non-profit cybersecurity organization in Switzerland, launched a project called URLhaus to collect and share URLs identified to be distributing malware. more
Micorsoft has released a 253 page cybersecurity ebook primarily intended for teens but also serves as a useful resource for adults interested in overall understanding of various Internet security topics. more
As chance has it, the attempt by NTIA to create a fake Trump Open 5G Security Framework MAGAverse as they headed out the door on 15 January is being followed this week by the global meeting of 3GPP SA3 (Security) to advance the industry's real open 5G security Framework. Designated TSGS3-102e (the 102nd meeting, occurring electronically), it continues the practice of assembling companies, organisations, and agencies from around the world every 8 to 12 weeks to focus on 5G security for current and future releases of 5G infrastructure. more
The Federal Trade Commission is challenging the public to create an innovative tool to help protect consumers from security vulnerabilities in the software of home devices connected to the Internet of Things. more
If there were a lifetime achievement award for losing lawsuits for being annoying, Sanford Wallace would be a shoo-in. Fifteen years ago, his junk faxing was a major impetus for the TCPA, the law outlawing junk faxes. Later in the 1990s, his Cyber Promotions set important legal precedents about spam in cases where he lost to Compuserve and AOL. Two years ago, he lost a suit to FTC who sued his Smartbot.net for stuffing spyware onto people's computers. And now, lest anyone think that he's run out of bad ideas, he's back, on the receiving end of a lawsuit from MySpace... more
Internet Engineering Task Force (IETF) has announced the official release of TLS 1.3. more
The joint statement was released on Monday at the United Nations ahead of the UN General Assembly's General Debate calling on all states to support the evolving framework and to join in ensuring "greater accountability and stability in cyberspace." more
Microsoft announced today its plans to adopt DNS over HTTPS (DoH) protocol in Windows and will also keep other options such as DNS over TLS (DoT) on the table for consideration. more
Close to 20% of popular VPN services are reported to be leaking customer's IP address via a WebRTC bug known since January 2015, and which "some VPN providers have never heard of." more
A World-Renowned Source for Internet Developments. Serving Since 2002.