Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Blogs

Internet Hall of Fame Inductees Gather at GNTC to Discuss New Generation of Internet Infrastructure

Confronted with the rapid development of the Internet, the traditional network is facing severe challenges. Therefore, it is imperative to accelerate the construction of global network infrastructure and build a new generation of Internet infrastructure to adapt to the Internet of Everything and the intelligent society. From November 28 to 30, 2017, "GNTC 2017 Global Network Technology Conference" organized by BII Group and CFIEC, will see a grand opening in Beijing. more

Qatar Crisis Started With a Hack, Now Political Tsunami in Saudi Arabia - How Will You Be Impacted?

The world has officially entered what the MLi Group labels as the "New Era of The Unprecedented". In this new era, traditional cyber security strategies are failing on daily basis, political and terrorist destruction-motivated cyber attacks are on the rise threatening "Survivability", and local political events unfold to impact the world overnight and forever. Decision makers know they cannot continue doing the same old stuff, but don't know what else to do next or differently that would be effective. more

Enabling Privacy Is Not Harmful

The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more

RIPE 75: Imprssions of the Meeting

RIPE held its 75th meeting in Dubai in mid-October. As usual, there was a diverse set of presentations covering a broad range of activities that are taking place on today's Internet. The topics include issues relating to network operations, regulatory policies, peering and interconnection, communications practices within data centers, IPv6, the DNS, routing and network measurement. If that's not enough, the topic of the Internet of Things has been added as a Working Group in the RIPE pantheon. If you add address policy, database and RIPE services to the mix, you get a pretty packed five days with topics that would appeal to most Internet folks. more

Legal Controls on Extreme End-to-End Encryption (ee2ee)

One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more

Brands and Domains Conference Recap

The best and most knowledgeable experts of dot Brand met in the Brands and Domains conference, on October 2 and 3 in the Hague, Netherlands. Brand and project owners were also present, coming from all around the world -- from Australia or Japan to the USA and Canada. The keynote by Georges-Edouard Dias, CEO of Quantstreams and founder of the concept of brand hospitality, explained how customers are not anymore the targets of brands. more

The Hack Back Bill in Congress is Better Than You'd Expect

Rep's Graves and Sinema recently introduced H.R. 4036, the catchily named Active Cyber Defense Certainty Act or ACDC act which creates some exceptions to criminal parts of computer crime laws. Lots of reports have decried "hack back" but if you read the bill, it's surprisingly well targeted. The first change is to what they call Attributional Technology, and says it's OK to put bait on your computer for an intruder intended to identify the intruder. more

Equifax Breach: 9 Fraud Prevention Steps Everyone Should Take

The U.S. Internet Revenue Service now says that criminals already had most of the information that credit bureau Equifax lost in a breach that revealed personal information about nearly 150 million people. The incident at Equifax and the IRS' mid-October admission of how much-stolen data was already in criminal hands may force changes in how the world handles personal information. more

Internet Week Guyana Advances Caribbean Tech Development Agenda

Around the world, the growing sophistication of cyber criminals is challenging the capacity of governments, businesses and individuals to defend themselves. In the Caribbean, governments are forging strategic partnerships with regional actors like the Caribbean Telecommunications Union (CTU) and the Caribbean Network Operators Group (CaribNOG), the region's largest volunteer-based community of network engineers, computer security experts and tech aficionados. more

Two More Crypto Holes

If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more

The Darkening Web: Is there Light at the end of the Tunnel?

In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more

Celebrating 167 Years of Public International Law for Cyber Security

On 30 September 1850 at Dresden, the first international treaty was issued among the first sovereign nations to internet their national electronic communication networks. It was known as the Dresden Convention, and culminated several weeks hammering out basic requirements and techniques to implement an internet spanning the Austro-German European continent at the time, and established a continuing "Union" of signatories to evolve the provisions of the treaty. more

"Keep Those Eyebrows Up!" - Cybersecurity at the Global Women's Forum

News of cyberattacks is slowly becoming a new normal. We are still at a stage where high-profile cases, like the recent attack against the American credit reporting company Equifax, in which 145.5 million users had their personal information compromised, raise eyebrows. But we need those eyebrows to stay up because we should never accept cyber threats as the new normal. more

Why I Want a .PAYPAL New gTLD

I use Paypal, and I am quite satisfied with how it helps me with my business: it is still a little hard to use, and I don't use all functions of the tool, but it is not so expensive, it is fast and efficient, and Paypal does not send so many emails. In one word, Paypal rocks... The only problem that I have with Paypal is the number of fake emails that I receive. Of course, I easily identify them as they come in and luckily, G Suite (Gmail) does an excellent job at blocking all spam and phishing. more

A Closer Look at Postponing of the Root Zone KSK Rollover Decision

On Sept. 27, Internet Corporation for Assigned Names and Numbers (ICANN) announced that the first root zone Key Signing Key (KSK) rollover - originally scheduled to take place on Oct. 11 - will be postponed. Although this was certainly a difficult decision, we fully agree that erring on the side of caution is the best approach to take. In this blog post, I want to explain some of the involvement Verisign has had in KSK rollover preparations, as well as some of the recently available research opportunities which generated data that we shared with ICANN related to this decision. more

News Briefs

U.S. Government Takes Steps Towards Increased Transparency for Vulnerabilities Equities Process

Russia Targeted British Telecom, Media, Energy Sectors, Reveals UK National Cyber Security Centre

Airplanes Vulnerable to Hacking, Says U.S. Department of Homeland Security

Poland to Test a Cybersecurity Program for Aviation Sector

Former Yahoo CEO Marissa Mayer Apologizes for Data Breach, Blames Russian Agents

Cloudflare Uses Lava Lamps to Generate Encryption Keys

US Department of Defense Getting Aggressive on Adoption of Cloud, Machine Learning

Cyber Espionage Group, Snowbug Targets South American Foreign Policy

Researchers Find One-Third of IPv4 Address Space Under Some Type of DoS Attack

Security Researchers are Warning About a New IoT Botnet Storm Brewing

Dell Loses Key Customer Support Domain Name for a Month, Site Exposed to Questionable Content

Canada's Electronic Spy Agency Makes Its Malware Analysis Tool Public

Google Launcheds Advanced Protection Program for "High-Risk" Users

Security Flaw in TPM Chips Allows Attacks on RSA Private Keys

KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

EFF Resigns from World Wide Web Consortium (W3C) over EME Decision

China to Create National Cyberattack Database

Bluetooth-Based Attack Vector Dubbed "BlueBorne" Exposes Almost Every Connected Device

U.S. Navy Investigating Possibility of Cyberattack Behind Two Navy Destroyer Collisions

Equifax Breach Blamed on Open-Source Software Flaw

Most Viewed

Most Commented

Taking Back the DNS

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

ICANN Complaint System Easily Gamed

Verisign Updates – Sponsor

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Verisign has qualified for the Online Trust Alliance's (OTA) 2017 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fifth consecutive year that Verisign has received this honor. more

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Verisign has released its latest DDoS Trends Report for the first quarter of this year representing a unique view into the attack trends unfolding online. more

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign has just released Q4 2016 DDoS Trends Report providing a unique view into the attack trends unfolding online through observations and insights derived from distributed denial of service (DDoS) attack mitigations, enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign iDefense Intelligence Services. more

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

Verisign has released its Q3 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. more

Defending Against Layer 7 DDoS Attacks

Layer 7 attacks are some of the most difficult attacks to mitigate because they mimic normal user behavior and are harder to identify. Verisign's recent trends show that DDoS attacks are becoming more sophisticated and complex, including an increase in application layer attacks. more

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

Verisign today released its Q2 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services, and research conducted by Verisign iDefense Security Intelligence Services. more

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign is pleased to announce that it has qualified for the Online Trust Alliance's (OTA) 2016 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. more

Industry Updates

Participants – Random Selection