Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Blogs

A Digital 'Red Cross'

A look into the past reveals that continuous developments in weaponry technology have been the reason for arms control conventions and bans. The banning of the crossbow by Pope Urban II in 1096, because it threatened to change warfare in favour of poorer peasants, the banning of poisoned bullets in 1675 by the Strasbourg Agreement, and the Geneva protocol banning the use of biological and chemical weapons in 1925 after world war 1, all prove that significant technological developments have caused the world to agree not to use certain weapons. more

WHOIS: How Could I Have Been So Blind?

A colleague was recently commenting on an article by Michele Neylon "European Data Protection Authorities Send Clear Message to ICANN" citing the EU Data Commissioners of the Article 29 Working Party, the grouping a determinate factor In the impending death of WHOIS. He is on point when he said: What the European Data Protection authorities have not yet put together is that the protection of people's mental integrity on the Internet is not solely due to the action of law enforcement... more

Voluntary Reporting of Cybersecurity Incidents

One of the problems with trying to secure systems is the lack of knowledge in the community about what has or hasn't worked. I'm on record as calling for an analog to the National Transportation Safety Board: a government agency that investigates major outages and publishes the results. In the current, deregulatory political climate, though, that isn't going to happen. But how about a voluntary system? more

The Kaljarund Commission: Building Bridges Over Troubled Cyber-Water

There was one message which overshadowed all discussions at the 5th Global Conference on Cyber Space (GCCS) in New Delhi in November 2017: Instability in cyberspace is as dangerous as climate change. With four billion Internet users and five trillion dollars annually in digital transactions, instability in cyberspace has the potential to ruin the world. more

Caribbean Businesses Can Make Good Use of Free DNS Security

IBM Security, Packet Clearing House (PCH) and Global Cyber Alliance (GCA) unveiled a free Domain Name System (DNS) service designed to protect all Internet users from a wide range of common cyber threats. Launched on November 16 with simultaneous press events in London, Maputo and New York, the public DNS resolver has strong privacy and security features built-in and can be enabled with a few changes to network settings, as outlined on the organisation's website. more

Internet Hall of Fame Inductees Gather at GNTC to Discuss New Generation of Internet Infrastructure

Confronted with the rapid development of the Internet, the traditional network is facing severe challenges. Therefore, it is imperative to accelerate the construction of global network infrastructure and build a new generation of Internet infrastructure to adapt to the Internet of Everything and the intelligent society. From November 28 to 30, 2017, "GNTC 2017 Global Network Technology Conference" organized by BII Group and CFIEC, will see a grand opening in Beijing. more

Qatar Crisis Started With a Hack, Now Political Tsunami in Saudi Arabia - How Will You Be Impacted?

The world has officially entered what the MLi Group labels as the "New Era of The Unprecedented". In this new era, traditional cyber security strategies are failing on daily basis, political and terrorist destruction-motivated cyber attacks are on the rise threatening "Survivability", and local political events unfold to impact the world overnight and forever. Decision makers know they cannot continue doing the same old stuff, but don't know what else to do next or differently that would be effective. more

Enabling Privacy Is Not Harmful

The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more

RIPE 75: Imprssions of the Meeting

RIPE held its 75th meeting in Dubai in mid-October. As usual, there was a diverse set of presentations covering a broad range of activities that are taking place on today's Internet. The topics include issues relating to network operations, regulatory policies, peering and interconnection, communications practices within data centers, IPv6, the DNS, routing and network measurement. If that's not enough, the topic of the Internet of Things has been added as a Working Group in the RIPE pantheon. If you add address policy, database and RIPE services to the mix, you get a pretty packed five days with topics that would appeal to most Internet folks. more

Legal Controls on Extreme End-to-End Encryption (ee2ee)

One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more

Brands and Domains Conference Recap

The best and most knowledgeable experts of dot Brand met in the Brands and Domains conference, on October 2 and 3 in the Hague, Netherlands. Brand and project owners were also present, coming from all around the world -- from Australia or Japan to the USA and Canada. The keynote by Georges-Edouard Dias, CEO of Quantstreams and founder of the concept of brand hospitality, explained how customers are not anymore the targets of brands. more

The Hack Back Bill in Congress is Better Than You'd Expect

Rep's Graves and Sinema recently introduced H.R. 4036, the catchily named Active Cyber Defense Certainty Act or ACDC act which creates some exceptions to criminal parts of computer crime laws. Lots of reports have decried "hack back" but if you read the bill, it's surprisingly well targeted. The first change is to what they call Attributional Technology, and says it's OK to put bait on your computer for an intruder intended to identify the intruder. more

Equifax Breach: 9 Fraud Prevention Steps Everyone Should Take

The U.S. Internet Revenue Service now says that criminals already had most of the information that credit bureau Equifax lost in a breach that revealed personal information about nearly 150 million people. The incident at Equifax and the IRS' mid-October admission of how much-stolen data was already in criminal hands may force changes in how the world handles personal information. more

Internet Week Guyana Advances Caribbean Tech Development Agenda

Around the world, the growing sophistication of cyber criminals is challenging the capacity of governments, businesses and individuals to defend themselves. In the Caribbean, governments are forging strategic partnerships with regional actors like the Caribbean Telecommunications Union (CTU) and the Caribbean Network Operators Group (CaribNOG), the region's largest volunteer-based community of network engineers, computer security experts and tech aficionados. more

Two More Crypto Holes

If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more

News Briefs

Russian-Speaking MoneyTaker Group Suspected of Stealing $10M From Companies in Russia, UK and US

Worldwide Security Spending to Reach $96 Billion in 2018, Up 8 Percent from 2017, Says Gartner

Russia in Talks to Create Independent DNS

U.S. Government Takes Steps Towards Increased Transparency for Vulnerabilities Equities Process

Russia Targeted British Telecom, Media, Energy Sectors, Reveals UK National Cyber Security Centre

Airplanes Vulnerable to Hacking, Says U.S. Department of Homeland Security

Poland to Test a Cybersecurity Program for Aviation Sector

Former Yahoo CEO Marissa Mayer Apologizes for Data Breach, Blames Russian Agents

Cloudflare Uses Lava Lamps to Generate Encryption Keys

US Department of Defense Getting Aggressive on Adoption of Cloud, Machine Learning

Cyber Espionage Group, Snowbug Targets South American Foreign Policy

Researchers Find One-Third of IPv4 Address Space Under Some Type of DoS Attack

Security Researchers are Warning About a New IoT Botnet Storm Brewing

Dell Loses Key Customer Support Domain Name for a Month, Site Exposed to Questionable Content

Canada's Electronic Spy Agency Makes Its Malware Analysis Tool Public

Google Launcheds Advanced Protection Program for "High-Risk" Users

Security Flaw in TPM Chips Allows Attacks on RSA Private Keys

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

EFF Resigns from World Wide Web Consortium (W3C) over EME Decision

China to Create National Cyberattack Database

Most Viewed

Most Commented

Taking Back the DNS

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

ICANN Complaint System Easily Gamed

Verisign Updates – Sponsor

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Verisign has qualified for the Online Trust Alliance's (OTA) 2017 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fifth consecutive year that Verisign has received this honor. more

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Verisign has released its latest DDoS Trends Report for the first quarter of this year representing a unique view into the attack trends unfolding online. more

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign has just released Q4 2016 DDoS Trends Report providing a unique view into the attack trends unfolding online through observations and insights derived from distributed denial of service (DDoS) attack mitigations, enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign iDefense Intelligence Services. more

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

Verisign has released its Q3 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. more

Defending Against Layer 7 DDoS Attacks

Layer 7 attacks are some of the most difficult attacks to mitigate because they mimic normal user behavior and are harder to identify. Verisign's recent trends show that DDoS attacks are becoming more sophisticated and complex, including an increase in application layer attacks. more

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

Verisign today released its Q2 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services, and research conducted by Verisign iDefense Security Intelligence Services. more

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign is pleased to announce that it has qualified for the Online Trust Alliance's (OTA) 2016 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. more

Industry Updates

Participants – Random Selection