DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk.
Heartbleed, for anyone who doesn't read the papers, is a serious bug in the popular OpenSSL security library. Its effects are particularly bad, because OpenSSL is so popular, used to implement the secure bit of https: secure web sites on many of the most popular web servers such as Apache, nginx, and lighttpd. A few people have suggested that the problem is that OpenSSL is open source, and code this important should be left to trained professionals. They're wrong.
Garth Bruen writes: Within the next few weeks Google plans to update its pharmacy policy which will restrict pharmacy advertisements. Once in effect, the updated policy will only allow VIPPS and CIPA certified pharmacies to advertise. Additionally these pharmacies can only target ads within their country.
The outbreak of COVID-19 has caused worldwide disruption -- for whole nations and their economies. Unfortunately, there will be some side effects for businesses. A number of brands will disappear from the streets and shelves, as businesses that fail to weather the storm will have to fold. Companies that do survive will likely focus more on their core markets, pulling brands out of higher risk, less profitable markets...
Mike Hammer's thoughtful article, A Few Thoughts on the Future of Email Authentication, should trigger thoughtfulness in the rest of us. Email abuse has been around a long time. Anti-abuse efforts have too. Yet global abuse traffic has grown into the 90+% range, with no hint of trending downward. The best we hear about current effectiveness is for last-hop filtering, if you have the money, staff and skills to apply to the problem...
As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world.
Leading American tech firm Cloudflare has been accused of providing cybersecurity services to at least seven designated foreign terrorist organizations and militant groups including the Taliban, al-Shabab and Hamas.
The Internet of today is awash with networking protocols, but at its core lie a handful that fundamentally keep the Internet functioning. From my perspective, there is no modern Internet without DNS, HTTP, SSL, BGP, SMTP, and NTP. Of these most important Internet protocols, NTP (Network Time Protocol) is likely the least understood and has the least attention and support. Until very recently, it was supported (part-time) by just one person.
ICANN has published its first new monthly report providing statistics and insight into security threats to generic top-level domains (gTLDs).
A wave of DNS hijacking is reported to have affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America.
In the business world, there are two main paths a company can take with cybersecurity -- the reactive and the proactive approach. The problem with a purely reactive attitude is that it can easily put companies in constant firefighting mode. And for small companies with limited resources, this can turn out to be an increasingly uncomfortable place to be in.
With that in mind, experts today suggest proactive cybersecurity by monitoring suspicious activity and identifying risks before they turn into full-blown attacks.
HaAretz, an Israeli newspaper, quotes Major-General Yaldin as saying: "Fighting in the cyber dimension is as significant as the introduction of fighting in the aerial dimension in the early 20th century." (my translation) If this statement is to be believed, Israel is active in cyberspace. And yet, why would Israel admit that, regardless of if it really happens? One option is...
According to press reports, a water utility's SCADA network was hacked. The attacker turned a pump on and off too much, resulting in physical damage to the pump. ... For years, security specialists have been warning that something like this could happen. Although more and more people have started to believe it, we still hear all of the usual reassuring noises -- the hackers don't know enough, we have defenses, there are other safeguards, etc. That debate is now over...
Until now, the criminals behind malware and phishing have had only 22 generic top-level domain names (TLDs) to abuse -- names like .com, .net or .org. But with hundreds of new TLDs entering the marketplace, e.g. .buzz, .email, and .shop, there are many more targets than ever... What can attackers do with domain names?
Mozilla was nominated as one of the three ISPAUK's 2019 Internet Villains for their proposed approach "to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK."