Featured Blogs

Most Viewed  –  Last 30 Day  |  Last 12 Months  |  All Time

EU CRA: Regulatory Extremism and Exceptionalism

European Union (EU) legislators, like most of the world, are troubled about the increasing number and severity of cybersecurity incidents. However, unlike most of the world, which is taking a flexible, adaptive Zero Trust Model approach of continuous controls for cyberdefense, the EU government is pursuing a vastly expanded version of the failed Common Criteria certification model coupled with regulatory extremism and exceptionalism strategies. more

The Standards Myth That Does Not Stop

The latest iteration of the most expansive, omnipotential cybersecurity legal regime ever drafted appeared a few days ago. The European Union (EU) Cyber Resilience Act (CRA) is attempting to assert jurisdiction and control over all "products with digital elements" defined as "any software or hardware product and its remote data processing solutions, including software or hardware components to be placed on the market." more

Australian Government Issues New Guidelines to Address 5G Security Concerns in Smart Cities

The Australian Signals Directorate (ASD) has issued a new set of guidelines warning about the security risks posed by the use of 5G technology in so-called Smart Cities. The ASD's concerns align with those of the Five Eyes security alliance, which has warned that the interconnected nature of a fully connected city makes it vulnerable to cyberattacks. more

What ICANN’s Strong Stance on the UN’s Global Digital Compact Says About Current Internet Governance

On 21 August 2023, ICANN org. made its position in relation to the current state of the UN's Global Digital Compact (GDC) clear in a blog post by Sally Costerton (ICANN CEO), John Curran (ARIN), and Paul Wilson (APNIC), entitled "The Global Digital Compact: A Top-down Attempt to Minimize the Role of The Technical Community." The publication strongly criticizes the GDC's attempt at folding the technical community into the civil society umbrella under a "tripartite" approach also involving the private sector and governments, as proposed by the Secretary-General's Envoy on Technology, Amandeep Gill. more

The IoT Cyber Seal Fog

For four days in Southern France, cybersecurity experts from a broad array of different countries and sectors gathered for the annual ETSI Security Conference. The event undertaken by one of the world's major industry information-communication (ICT) standards organisations was intended to take stock of the state of cybersecurity and trends. more

Biden’s National Cybersecurity Strategy Suggests Increased Website Security, Customer Protection

Phishing attacks have been rising over the past couple of years. Reports show that there was a 345 percent increase in phishing attacks between 2020 and 2021. In 2022, the number of advanced phishing attacks rose by 356 percent. Behind these alarming numbers, however, is an even uglier picture of digital fraud: a difficult-to-quantify prevalence of fake or spoof websites. more

Cybersecurity for Schools

FCC Chairwoman Jessica Rosenworcel recently asked the other FCC Commissioners to support a proposal to spend $200 million over three years to bolster school cybersecurity. Rosenworcel plans to issue a Notice for Proposed Rulemaking (NRPM) soon for her proposal. The NPRM will set off a round of public comments and then a ruling if a majority of the Commissioners agree with the final set of rule changes. more

UN and Cybersecurity: Searching for Consensus in a Divided World

The 78th UN General Assembly (UNGA) addressed the issue of cybersecurity again at one of its last meetings in December 2023. It included the adoption of four resolutions on the Open-Ended Working Group (OEWG), a "Program of Action" (POA), and autonomous weapon systems. The texts of the four draft resolutions were negotiated in UNGA's 1st committee, responsible for international security issues, in October and November 2023. more

How You Can Be Hijacked Without Actually Being Hacked

Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more

Can We Get More Eyes on Britain’s Largest Scam “Watch List”?

The FCA has been naming and shaming financial scam domains for decades. Its "warning list" is probably one the most extensive databases of its kind. But does it do a good enough job of actually warning people? Let us begin with the FCA website, which would not exactly get full points for user-friendliness: locating the "watch list" is a task in and of itself, to say nothing of consulting and scrutinising it. more

Measuring the Use of DNSSEC

The canonical specification of the DNS that is normally cited are the pair of quite venerable RFCs, RFC 1034, "Domain names - concepts and facilities", and RFC 1035, "Domain names - implementation and specification", both published in November 1987. However, these two specification documents are just the tip of a rather large iceberg. One compendium of all the RFCs that touch upon the DNS lists some 292 RFCs. more

.AI You Ready? A Domain to Add to Your Portfolio… Before Someone Else Does

On the sunny beaches of Anguilla -- a small island of just 35 square miles -- I'm sure artificial intelligence (AI) is the last thing people are thinking about. The primary industries of Anguilla, set in the Leeward islands in the Caribbean, are tourism and offshore banking. However, this nation has been assigned the country code top-level domain (ccTLD) .AI -- which is being repurposed to represent artificial intelligence. more

Failed Expectations: A Deep Dive Into the Internet’s 40 Years of Evolution

In a recent workshop, I attended, reflecting on the evolution of the Internet over the past 40 years, one of the takeaways for me is how we've managed to surprise ourselves in both the unanticipated successes we've encountered and in the instances of failure when technology has stubbornly resisted to be deployed despite our confident expectations to the contrary! What have we learned from these lessons about our inability to predict technology outcomes? more

From Loon to Taara: Google’s Moonshot Delivering Wireless Backhaul

You may recall a number of years ago when Google experimented with delivering broadband from balloons in an effort labeled Project Loon. The project was eventually dropped, but a remnant of the project has now resurfaced as Taara - broadband delivered terrestrially by lasers. more

DNS Abuse: A Litmus Test for ICANN

For a long time, arguments about the meaning of "DNS Abuse" prevented fruitful discussions within the ICANN community on when and how it is appropriate to act at the level of the DNS to address abuses online. The proposed amendments to RA and RAA agreements represent a significant and welcomed step in the right direction. As Secretariat of the Internet & Jurisdiction Policy Network (I&JPN), we strongly encourage their adoption... more

Topics

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days