Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Recently, there were news articles about a large software provider who experienced a global outage due to an expired digital certificate - and this is not the first time this kind of issue has hit the news. Digital certificate outages, when an organization forgets to replace an expiring certificate for a business-critical domain name, continues to cause business disruption and security risks. more
No. Now, thank you for your attention. Last year, some security researchers were discussing a doomsday scenario, that without investing in quantum encryption, there would soon be no way to feel secure over the Internet. (I would add, that a feeling of security over the Internet is misleading at best.) Allow me to break down some of these security peculiarities, which could be worrisome. more
The novel coronavirus outbreak (COVID-19) has prompted many organizations in Mainland China and Hong Kong to execute their business continuity plan (BCP). During the last epidemic in 2003, the SARS outbreak lasted for nine months – and with an infection rate that is increasing rapidly, this new coronavirus has the potential to cause prolonged periods of commercial disruption, and heavy reliance on BCPs. more
Israel's entire voter registry was recently uploaded to a vulnerable voting management app which effectively left the data wide open for days. more
Very few African states today have developed a national cybersecurity strategy or have in place cybersecurity and data protection regulations and laws. Yet, the continent has made major headway in developing its digital ecosystem, and moreover, it is home to the largest free trade area in the world, which is predicted to create an entirely new development path harnessing the potential of its resources and people. more
Fallen into the wrong hands, corp.com can be an extremely dangerous domain name providing a doorway to hundreds of thousands of corporate PCs. more
In my recent CircleID post, DNS, Domain Names, and Certificates: The Missing Links in Most Cybersecurity Risk Postures, I highlighted the importance of applying multiple layers of defense to secure these business-critical assets. Last Friday, Brian Krebs, the world-renowned cybersecurity journalist, reiterated the criticality of domain name security because the domain name "e-hawk.net" was stolen from the rightful owner using social engineering tactics targeting its domain name registrar. more
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop during the ICANN67 meeting held from 07-12 March 2020 in Cancun, Mexico. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present, and discuss current and future DNSSEC deployments. more
Last month, for the 20th anniversary of Y2K, I was asked about my experiences. (Short answer: there really was a serious potential problem, but disaster was averted by a lot of hard work by a lot of unsung programmers.) I joked that, per this T-shirt I got from a friend, the real problem would be on January 19, 2038, and 03:14:08 GMT. Why might that date be such a problem? On Unix-derived systems, including Linux and MacOS, time is stored internally as the number of seconds since... more
Microsoft has taken control of 50 domains used by a North Korean cybercrime group dubbed "Thallium" to steal information from users, including government employees, think tanks, university staff members, and those working on nuclear proliferation issues. more
The U.N. General Assembly has approved a resolution to start the process of drafting a new international treaty against cybercrime despite objections from the European Union, the United States and other countries. The Russian-drafted resolution received approval from a 193-member world body with a vote of 79-60 and 33 abstentions. more
In 2019, we've seen a surge in domain name system (DNS) hijacking attempts and have relayed warnings from the U.S. Cybersecurity and Infrastructure Agency, U.K.'s Cybersecurity Centre, ICANN, and other notable security experts. Although the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls -- domains, DNS, digital certificates. more
Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more
In the short ten years that they've been around, mobile apps have grown to become a staple of modern digital life. With more than five million apps currently available for download in the major app stores, and with over 2,000 new apps being uploaded every day, mobile apps are big business. Fifty-eight percent of shoppers consistently browse e-commerce apps and 49% of all website traffic now comes directly from mobile app users. All this browsing directly translates into spending. more
The last Australian Internet Governance Forum (auIGF) was held in October 2016 before the annual event was cancelled as part of an auDA review. Three years on and the auIGF replacement – NetThing – was held in Sydney on 28 October 2019, though I was surprised to see that this Australian Internet event no longer had an associated .au domain name, instead choosing to go with NetThing.info. more
A World-Renowned Source for Internet Developments. Serving Since 2002.