Threat Intelligence |
Sponsored by |
|
I'm delighted to announce that the name collisions workshop this weekend will include Jeff Schmidt, CEO of JAS Global Advisors, presenting the Name Collision Occurrence Management Framework that his firm just released for public review. Jeff's presentation is one of several on the program announced by the program committee for the Workshop and Prize on Root Causes and Mitigations of Name Collisions (WPNC). more
Last week, I commented on the the Gmail/Hotmail/Yahoo username and password leak. The question we now ask is whether or not we are seeing an increased amount of spam from those services. On another blog, they were commenting that various experts were claiming that this is the case. more
The Internet and the domain name system (DNS) have become the mainstay of the new COVID sheltered world. Afilias looked at registrations in the unrestricted domain name space, with a special focus on the popular .INFO, .PRO, .MOBI and .IO domain name extensions. The data shows that the number of website and domain registrations related to COVID and Coronavirus in these extensions is flattening after a surge in March. more
The trade press is abuzz today with reports about a security breach at Verisign. While a security breach at the company that runs .COM, .NET, and does the mechanical parts of managing the DNS root is interesting, this shouldn't be news, at least, not now. Since Verisign is a public company, they file a financial report called a 10-Q with the SEC every quarter. According to the SEC's web site, Verisign filed their 10-Q for June through September 2011 on October 28th. more
In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If however, you are out there focused on your day to day running or managing a DNS infrastructure... more
Law enforcement demands to domain name registrars were a recurring theme of the 42d ICANN public meeting, concluded last week in Dakar. The Governmental Advisory Committee (GAC) took every opportunity at its public meetings with GNSO and Board, and in its Communique to express dismay, disappointment, and demands for urgent action to "reduce the risk of criminal abuse of the domain name system." more
While the current VPN market appears to be filled with numerous products by various companies, recent research that took a closer look into the market revealed very unexpected results. more
Last week we heard of yet another egregious security breach at an online provider, as crooks made off with the names, address, and birth dates of eBay users, along with encrypted passwords. They suggest you change your password, which is likely a good idea, and you better also change every other place you used the same password. But that's not much help since you can't change your name, address, and birth date, which are ever so handy for phishing and identity theft. more
Over the last few years I've been hearing some people claim that botnets are the real spam problem and that if you can find a sender then they're not a problem. Much of this is said in the context of hating on Canada for passing a law that requires senders actually get permission before sending email. Botnets are a problem online. They're a problem in a lot of ways. They can be used for denial of service attacks. They can be used to mine bitcoins... more
HaAretz, an Israeli newspaper, quotes Major-General Yaldin as saying: "Fighting in the cyber dimension is as significant as the introduction of fighting in the aerial dimension in the early 20th century." (my translation) If this statement is to be believed, Israel is active in cyberspace. And yet, why would Israel admit that, regardless of if it really happens? One option is... more
When it comes to fighting cybercrime, "being able to easily access ICANN and look up IP addresses is a lot more important than accessing the minutiae of encrypted data communications," says Jacqueline McNamara, head of cybersecurity at Telstra. more
U.S. Senators Mark Warner, a Virginia Democrat, and Marco Rubio, a Florida Republican, both critics of China, have urged Canada to consider dropping China's Huawei Technologies from helping to build next-generation 5G telecommunications networks. more
Criminals are now looking to use established domain names, via phishing targeted at domain registrars. This is possibly related to ICANN finally moving to stop the black hat registrars of the world. According to the first report on the matter sent yesterday to Registrar Operations (reg-ops) mailing list, the attacks seem to be run by gang of child pornography spammers. more
A spamming group called River City Media (RCM) has had its database of 1.4 billion records leaked. This was revealed today by MacKeeper Security Researcher, Chris Vickery in cooperation with CSO Online and Spamhaus. more
There may still be a few security practitioners working in the field who didn't have a copy of Bruce Schneier's Applied Cryptography on their bookshelf the day they started their careers. Bruce's practical guide to cryptographic algorithms, key management techniques and security protocols, first published in 1993, was a landmark volume for the newly emerging field, and has been a reference to developers ever since. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
