Cybersecurity

Sponsored
by

Cybersecurity / Featured Blogs

Fake Apps Are a Real Problem

In the short ten years that they've been around, mobile apps have grown to become a staple of modern digital life. With more than five million apps currently available for download in the major app stores, and with over 2,000 new apps being uploaded every day, mobile apps are big business. Fifty-eight percent of shoppers consistently browse e-commerce apps and 49% of all website traffic now comes directly from mobile app users. All this browsing directly translates into spending. more

What to Make of the Inaugural NetThing 2019

The last Australian Internet Governance Forum (auIGF) was held in October 2016 before the annual event was cancelled as part of an auDA review. Three years on and the auIGF replacement – NetThing – was held in Sydney on 28 October 2019, though I was surprised to see that this Australian Internet event no longer had an associated .au domain name, instead choosing to go with NetThing.info. more

IGF2019 Observation: Compare Chancellor Merkel's Digital Sovereignty with Chinese and U.S. Version

The 2019 UN IGF is right now being held in Berlin and entering the last day. There has been a wide range of exciting discussions. It is a huge step forward that this year's IGF has been able to bring a plethora of topics together under a framework of thinking after the efforts done by the UN Secretary-General António Guterres' High-Level Panel on Digital Cooperation (The Age of Digital Interdependence) and by German scholars' engagement with all the stakeholders... more

Recognizing Lessons Learned From the First DNSSEC Key Rollover, a Year Later

A year ago, under the leadership of the Internet Corporation for Assigned Names and Numbers (ICANN), the internet naming community completed the first-ever rollover of the cryptographic key that plays a critical role in securing internet traffic worldwide. The ultimate success of that endeavor was due in large part to outreach efforts by ICANN and Verisign which, when coupled with the tireless efforts of the global internet measurement community, ensured that this significant event did not disrupt internet name resolution functions for billions of end users. more

Advancing Cyberstability: Protect the Public Internet Core and Improve Cyber Hygiene

The Paris Peace Forum (PPF), established by the French president Emanual Macron, was picked by the Global Commission for Stability in Cyberspace (GCSC) to launch its final report "Advancing Cyberstability" for good reasons: The Internet isn't just a purely technical issue with some political implications anymore. On the eve of the 2020s, the management of cyberspace is a global problem, a matter of international security, a question of war or peace. more

Cybersecurity Standards Practices as Cyber Threats

One of the most embarrassing and pernicious realities in the world of cybersecurity is the stark reality that some industry cybersecurity standards practices are themselves cyber threats. How so? Most industry and intergovernmental standards bodies serve as means for assembling the constantly evolving collective knowledge of participant experts and package the resulting specifications and best practices as freely available online documents to a vast, diverse universe of users. more

More Privacy for Domain Registrants – Heightened Risk for Internet Users

A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints." more

Doing Our Part for a Safer, Stronger DNS

Public Interest Registry is the industry leader of DNS Anti-Abuse efforts on the Internet. Since our inception, we have worked to empower people and organizations that use the Internet to make the world a better place. Whether a .ORG is the foundation of an individual voice, a global non-profit, or any organization that is part of the mission-driven .ORG community, we are proud to have earned the trust of so many dedicated users. more

Part 2: Let's Have an Honest Conversation About Huawei

In the first section of this piece, I argued that the anti-Huawei litany only makes sense when one realizes that it is the Chinese state, not a global telecommunication equipment manufacturer based in China, is the target of this attack. China, in this view, is an integrated monolith, and any Chinese firm can be ordered to do the government's will without any legal, political, or economic checks and balances. more

Blasphemy: The U.S. Problem Is Huawei's Security Is Too Good

Everyone knows the $100B/year U.S. security apparatus taps almost the entire Internet. Friendly governments help from Australia to Canada to France. Companies like AT&T, Ericsson, Verizon, and Nokia obviously cooperate. The NSA assumes that China is attempting to do the same and that Huawei, as a Chinese company, will provide assistance. The evidence suggests otherwise. Huawei is the primary opponent of U.S. security. more

Industry Updates

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

Do Security Service Providers Need Their Own Data Scientists?

SOAR Versus SIEM: The Fundamental Differences

Being Cybersecure Is Not Enough, Become Cyber-Resilient Instead

Is Your Organization Mature Enough for Security Orchestration, Automation, and Response?

Can Security Analytics Combat Digital Fraud with IP and Domain Name Monitoring?

Afilias Endorses Global Commission on the Stability of Cyberspace Final Report at Paris Peace Forum

Moving from the Castle-and-Moat to the Zero-Trust Model

What to Look for in Digital Forensics and Incident Response Experts