Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Blogs

Digital Transformation in Five Minutes: What, Why and How

Digital Transformation (DX) is picking up speed. According to a recent announcement by IDC, the market is expected to grow at a Compounded Annual Growth Rate (CAGR) of 17.9% to reach a whopping 321 billion dollars by 2021. In 2018 alone, IDC expects that 326 billion will be spent on transforming how people and things communicate. Based on these numbers, it looks like Digital Transformation has become the real deal. more

Why Are the EU Data Protection Authorities Taking Away Our Fundamental Right to be Safe?

What if we created a rule that gave everyone -- good or bad -- the right to hide their license plate, where they live, who they are, and just go incognito? What if we made it a right to walk into any building in the world, and simply say "No, thank you" when the security guards asked for one's identification? The criminals would celebrate, and we'd all be utterly alarmed. We would immediately be afraid for our personal safety. more

Is Blockchain Causing More Cybersecurity Attacks in the Financial Industry?

There's a lot of misunderstanding about blockchain. A recent study by HSBC, for example, found that 59 percent of customers around the world had never heard of it. Yet, while that alone is quite telling, it's probably more alarming to consider the fact that very same poll revealed that 80 percent of people who had hard of blockchain did not understand what it is. This level of confusion isn't confined to the general population either. more

Routing Attacks on Internet Services

This post was co-authored by Yixin Sun, Annie Edmundson, Henry Birge-Lee, Jennifer Rexford, and Prateek Mittal. In this post, we discuss a recent thread of research that highlights the insecurity of Internet services due to the underlying insecurity of Internet routing. We hope that this thread facilitates important dialog in the networking, security, and Internet policy communities to drive change and adoption of secure mechanisms for Internet routing. more

ICANN Cannot Expect the DPAs to Re-Design WHOIS, but Asking for a Reprieve Makes Sense

We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more

Security, Standards, and IoT: Will Connected Devices Flourish Under Prescriptive Regimes?

Security for Internet-connected devices, the "Internet of Things" (IoT), is critically important. Now, more than ever, it is top of mind for device manufacturers, network operators, consumer advocates, lawmakers, and government regulators -- domestically and internationally. In the face of recent attacks, government authorities and consumer advocates have proposed legislation, frameworks, certifications, and labeling schemes. more

Crypto War III: Assurance

For decades, academics and technologists have sparred with the government over access to crypographic technology. In the 1970s, when crypto started to become an academic discipline, the NSA was worried, fearing that they'd lose the ability to read other countries' traffic. And they acted. For example, they exerted pressure to weaken DES... The Second Crypto War, in the 1990s, is better known today, with the battles over the Clipper Chip, export rules, etc. more

The Recent and Rapid Evolution of DDoS Attacks

In October of 2016 the Mirai botnet came thundering onto the internet landscape. A digital Godzilla, a DDoS King Kong, this Internet of Things-powered behemoth began smashing DDoS attack records, online powerhouses like Reddit, Etsy, Spotify, CNN and the New York Times crumbling under its fists. When the dust had settled, and services had been restored, one thing seemed certain: a new era of DDoS attacks was upon us. Mirai was terrifying as a botnet but even worse as a harbinger. more

Takeaways from the DNS-OARC's 28th Workshop

March has seen the first of the DNS Operations, Analysis, and Research Center (OARC) workshops for the year, where two days of too much DNS is just not enough! These workshops are concentrated within two days of presentations and discussions that focus exclusively on the current state of the DNS. Here are my impressions of the meeting. more

IETF and Crypto Zealots

I've been prompted to write this brief opinion piece in response to a recent article posted on CircleID by Tony Rutkowski, where he characterises the IETF as a collection of "crypto zealots." He offers the view that the IETF is behaving irresponsibly in attempting to place as much of the Internet's protocols behind session level encryption as it possibly can. ... Has the IETF got it wrong? Is there a core of crypto zealots in the IETF that are pushing an extreme agenda about encryption? more

U.S. Complaint to WTO on China VPNs Is Itself Troubling

On 23 February, the U.S. Administration had the chutzpah to file a formal communication to the World Trade Organization (WTO) complaining about "measures adopted and under development by China relating to its cybersecurity law." However, it is the U.S. complaint that is most troubling. Here is why. The gist of the U.S. complaint is that China's newly promulgated directive on the use of VPN (Virtual Private Network) encrypted circuits from foreign nations runs afoul of... more

1 Terabit DDoS Attacks Become a Reality; Reflecting on Five Years of Reflections

Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For the past five years, this combination has been irresistible to attackers, and for good reason. This simple capability, of turning small requests into larger, 'amplified' responses, changed the Distributed Denial of Service (DDoS) attack landscape dramatically. more

Humming an Open Internet Demise in London?

In mid-March, the group dubbed by Wired Magazine 20 years ago as Crypto-Rebels and Anarchists - the IETF - is meeting in London. With what is likely some loud humming, the activists will likely seek to rain mayhem upon the world of network and societal security using extreme end-to-end encryption, and collaterally diminish some remaining vestiges of an "open internet." Ironically, the IETF uses what has become known as the "NRA defence": extreme encryption doesn't cause harm, criminals and terrorists do. more

Have We Reached Peak Use of DNSSEC?

The story about securing the DNS has a rich and, in Internet terms, protracted history. The original problem statement was simple: how can you tell if the answer you get from your query to the DNS system is 'genuine' or not? The DNS alone can't help here. You ask a question and get an answer. You are trusting that the DNS has not lied to you, but that trust is not always justified. more

Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet)

A Twitter thread on trolls brought up mention of trolls on Usenet. The reason they were so hard to deal with, even then, has some lessons for today; besides, the history is interesting. (Aside: this is, I think, the first longish thing I've ever written about any of the early design decisions for Usenet. I should note that this is entirely my writing, and memory can play many tricks across nearly 40 years.) more

News Briefs

Large Open-Source Data Set Released to Help Train Algorithms Spot Malware

Experts Urge Support for Security Researchers, Call a Stop to Intimidation Efforts

2.6 Billion Records Were Stolen, Lost or Exposed Worldwide in 2017, an 88% Increase From 2016

Enterprise Networks Are Being Impacted by Unwanted and Unidentified Cryptomining Activity

Iran Among Countries Affected by a Cyberattack That Left U.S. Flag on Screens

Researchers Discover Over 1.5 Billion Files Exposed Through Misconfigured Data Services

Access Logs Reveal 12M Visits to .CM Typosquatted Sites Just in 2018 So Far

APNIC Labs Partners with Cloudflare for Joint DNS Research Project

Close to 20% VPN Providers Reported Leaking Customer IP Addresses via WebRTC Bug

Russian-Based Kaspersky Lab Planning on Swiss Data Center to Address Russian Exploit Concerns

Women in Security Organize New Conference in Reaction to RSA's Lack of Female Speaker Inclusion

1.3 Tbps DDoS Attack Against GitHub is Largest Attack Seen to Date, Says Akamai

IPv6, 5G and Mesh Networks Heightening Law Enforcement Challenges, Says Australian Government

'First True' Native IPv6 DDoS Attack Reported

Significant Changes Underway for Core Internet Protocols

U.S. Government Officials Raise Concerns Over Intel's Long Delay Informing Government on Chip Flaws

SEC Reinforces and Expands Its Cybersecurity Guidance for Public Companies

Report Estimates Cybercrime Taking $600 Billion Toll on Global Economy

Hackers Use Tesla's Amazon Cloud Account to Mine Cryptocurrency

Botnets Shift Focus to Credential Abuse, Says Latest Akamai Report

Most Viewed

Most Commented

Taking Back the DNS

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

ICANN Complaint System Easily Gamed

Verisign Updates – Sponsor

DNS-Based Threats: Cache Poisoning

As DNS attacks grow in frequency and impact, organizations can no longer afford to overlook DNS security as part of their overall defense-in-depth strategy. As with IT security in general, no single tactic can address the entire DNS threat landscape or secure the complete DNS ecosystem. more

Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

Verisign has released its Q4 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services. more

DNS-Based Threats: DNS Reflection and Amplification Attacks

Cybercriminals recognize the value of DNS availability and look for ways to compromise DNS uptime and the DNS servers that support it. As such, DNS becomes an important point of security enforcement and a potential point in the Cyber Kill Chain for many cyber-attacks. more

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Verisign has qualified for the Online Trust Alliance's (OTA) 2017 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fifth consecutive year that Verisign has received this honor. more

Attacks Decrease by 23 Percent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Verisign has released its latest DDoS Trends Report for the first quarter of this year representing a unique view into the attack trends unfolding online. more

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign has just released Q4 2016 DDoS Trends Report providing a unique view into the attack trends unfolding online through observations and insights derived from distributed denial of service (DDoS) attack mitigations, enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign iDefense Intelligence Services. more

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

Verisign has released its Q3 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. more

Industry Updates

Participants – Random Selection