The Librarian of Congress and US Copyright Office have updated the Digital Millennium Copyright Act, extending some essential exemptions ensuring that computer security researchers won't be treated like nefarious criminals for their contributions to society.
Yahoo today announced it has agreed to pay $50 million in damages and will offer two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the massive security breach.
When it comes to fighting cybercrime, "being able to easily access ICANN and look up IP addresses is a lot more important than accessing the minutiae of encrypted data communications," says Jacqueline McNamara, head of cybersecurity at Telstra.
According to reports, the majority of the U.S. federal domains have met the deadline to adopt an email authentication program to prevent fake emails from being sent.
A report from the U.K.'s National Cyber Security Centre blames hostile foreign states for the majority of the 1,167 attacks dealt with in the past two years.
U.S. Senators Mark Warner, a Virginia Democrat, and Marco Rubio, a Florida Republican, both critics of China, have urged Canada to consider dropping China's Huawei Technologies from helping to build next-generation 5G telecommunications networks.
If it's not an era of intense faith in the multilateral system, somewhere among the Trump Administration's anonymous adults in the room there is a believer, and the Internet might be the better for it. Evidence for the existence of this fifth columnist lies in the US National Cyber Strategy, launched last month under the commander-in-chief's unprepossessing signature, which looks to provide security for America's connected economy.
The information security industry, lacking social inhibitions, generally rolls its eyes at anything remotely hinting to be a "silver bullet" for security. Despite that obvious hint, marketing teams remain undeterred at labeling their company's upcoming widget as the savior to the next security threat (or the last one -- depending on what's in the news today). I've joked in the past that the very concept of a silver bullet is patently wrong...
When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network's attack surface. While protocol security discussions are widely available, there is often not "one place" where you can go to get information about potential attacks, references to research about those attacks, potential counters, and operational challenges.
Facebook alerted users today that its engineering team on Tuesday had discovered a security issue affecting almost 50 million accounts.
Security experts and privacy advocates see the rollout of the new 5G wireless network as a possible solution to eliminate surveillance vulnerabilities that allow spying on nearby phone calls.
Despite headlines now at least a couple of years old, the InfoSec world is still (largely) paying lip service to the lack of security talent and the growing skills gap. The community is apt to quote and brandish the dire figures, but unless you're actually a hiring manager striving to fill low to mid-level security positions, you're not feeling the pain -- in fact, there's a high probability many see the problem as a net positive in terms of their own employment potential and compensation.
At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways.
In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If, however, you are out there focused on your day to day running or managing a DNS infrastructure...
Last week an ICANN registrar, Namejuice, went off the air for the better part of the day -- disappearing off the internet at approximately 8:30 am, taking all domains delegated to its nameservers with it, and did not come back online until close to 11 pm ET. That was a full business day and more of complete outage for all businesses, domains, websites, and email who were using the Namejuice nameservers -- something many of them were doing.