Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more
A weakness in modern computers allows attackers to steal encryption keys and other sensitive information, according to the latest discovery by cybersecurity firm F-Secure. more
The frequency of DDoS attacks has risen by 40% year on year while the duration of attacks decreased with 77% lasting ten minutes or less, according to a new report released by Corero Network Security. more
The DNS system is, unfortunately, rife with holes like Swiss Cheese; man-in-the-middle attacks can easily negate the operation of TLS and website security. To resolve these problems, the IETF and the DNS community standardized a set of cryptographic extensions to cryptographically sign all DNS records... Now that these standards are in place, how heavily is DNSSEC being used in the wild? How much safer are we from man-in-the-middle attacks against TLS and other transport encryption mechanisms? more
An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports. more
While the majority of ICANN's Security and Stability Advisory Committee (SSAC) have given the organization the green signal to roll, or change, the "top" pair of cryptographic keys used in the DNSSEC protocol, commonly known as the Root Zone KSK (Key Signing Key), five members of the committee advised against the October 11 rollover timeline. more
During the 27th Usenix Security Symposium held in Baltimore, MD last week, a group of researchers from China revealed results obtained from a large-scale analysis DNS interceptions. more
The eighth RIPE NCC hackathon takes on the Quantum Internet! The hackathon will be held during the weekend before RIPE 77 in Amsterdam, and is co-organised by QuTech and TU Delft, along with the RIPE NCC. We're bringing together network operators, quantum networking researchers, students, hackers, software developers and artists, to imagine and build the tools for the future Internet. more
President Donald Trump has reversed an Obama-era policy that set limits on how the United States deploys cyberattacks. more
Internet Engineering Task Force (IETF) has announced the official release of TLS 1.3. more
According to multiple sources, Google this week reported that since early 2017, it has not had any of its 85,000 plus employees phished on their work accounts. more
The AntiPhishing Working Group (APWG) in a letter to ICANN has expressed concern that the redaction of the WHOIS data as defined by GDPR for all domains is "over-prescriptive". more
A lengthy email to the NANOG mailing list last month concerning suspicious routing activities of a company called Bitcanal initiated a concerted effort to kick a bad actor off the Internet. more
A data broker based in Palm Coast, Florida, is reported to have exposed a database that contained close to 340 million personal records on a publicly accessible server. more
Layered security is a concept that's important for anyone who wants to create a strong, successful defense strategy to understand. This is a strategy that relies on the use of multiple lines of defense in an attempt to repel any potential attacks. For this reason, it's based on the principle that says "no single form of protection is enough to stop a determined cybercriminal. more
A World-Renowned Source for Internet Developments. Serving Since 2002.