Cybersecurity

Sponsored
by

Cybersecurity / Most Viewed

An Arms Race: The Struggle Between Security Firms and Cybercriminals

Any improvement in the way computers spot malicious software is matched by a change in tactics by the criminals that undermines that better protection. One particular tactic that has proved successful for the criminals is the pumping out of ever more copies and variants of their malware. The numbers of malware samples received by the security companies tells this story all by itself. more

US Ramping Up to Defeat Terrorism Online

Obama administration is ramping up its efforts to fight terrorism -- "How the US is working to defeat ISIS online" Kristina Wong reprots today in the Hill: "Driving the effort is the recently set up Global Engagement Center, housed at the State Department but led by retired Navy SEAL Cmdr. Michael Lumpkin, a former top Pentagon official." more

Obama Wants $355 Million for the Homeland Security Department's Cybersecurity Efforts in 2010

President Barack Obama wants $355 million for the Homeland Security Department's cybersecurity efforts in fiscal 2010, according to an overview of his budget proposal. The document states that Obama wants the $355 million to support Department of HomeLand Security's National Cybersecurity Division and the department's role in the Comprehensive National Cybersecurity Initiative (CNCI). The money would be "targeted to make private- and public-sector cyber infrastructure more resilient and secure," the document states. more

Reprot Suggests China Hacked High-Level Officials at Federal Deposit Insurance Corporation

The former chairman, chief of staff and general counsel of the agency were all infiltrated. more

British Banks Not Fully Reporting Cyber Attacks, Fear Punishment, Bad Publicity

"Britain's banks are not reporting the full extent of cyber attacks to regulators for fear of punishment or bad publicity, bank executives and providers of security systems say," reports Lawrence White in Reuters today. more

Website Security: Are Quantum Computers Going to Hack My Website?

No. Now, thank you for your attention. Last year, some security researchers were discussing a doomsday scenario, that without investing in quantum encryption, there would soon be no way to feel secure over the Internet. (I would add, that a feeling of security over the Internet is misleading at best.) Allow me to break down some of these security peculiarities, which could be worrisome. more

US Senators in Letter to Yahoo Say Late Hack Disclosure "Unacceptable"

"A group of Democratic U.S. senators on Tuesday demanded Yahoo Inc (YHOO.O) to explain why hackers' theft of user information for half a billion accounts two years ago only came to light last week and lambasted its handling of the breach as "unacceptable," reports Dustin Volz from Washington in Reuters. more

Coronavirus Online Threats Going Viral, Part 2: Marketplaces

In the midst of the coronavirus crisis and the partial or total quarantines happening around the world, more people are turning to eCommerce for their purchases. This, combined with the increased demand for healthcare and healthcare-related products, is causing surges of activity on online marketplaces. Perhaps least surprising is the growth in the number of listings for cleaning and hygiene products (e.g., hand sanitizer), as well as facemasks... more

Phishing 2020: A Concentrated Dose of Badness

How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020. more

Is Zoom's Server Security Just as Vulnerable as the Client Side?

Zoom programmers made elementary security errors when coding, and did not use protective measures that compiler toolchains make available. It's not a great stretch to assume that similar flaws afflict their server implementations. While Mudge noted that Zoom's Windows and Mac clients are (possibly accidentally) somewhat safer than the Linux client, I suspect that their servers run on Linux.Were they written with similar lack of attention to security? more

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

Due to increased legislative interest in this topic, CENTR says there is a pressing need for comprehensive educational material on the technical capabilities of the DNS, ccTLDs and their role in the internet ecosystem. more

US Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security

The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more

Industry Updates

Enriching IP Blacklists Using a Reverse IP/DNS Database

Mergers and Acquisitions: Taking Care of Digital Brands During Entity Consolidation

CSC's Research on Election-Related Domains Aligns with Recent FBI and CISA Warning

Beefing Up Third-Party Risk Management with Reverse DNS Search

Strengthening Brand Protection with Subdomain Lookups: A Short Study

Attack Surface Monitoring: Two Ways to Detect Phishing Subdomains

Not All VPN Users Are Worth Trusting, a Lesson for Cloud Service Providers

Gathering Context Around Emotet, Trickbot, and Dridex C&C Servers with Bulk IP Geolocation

Rise in Domain Name Registrations Highlights the Need for Continued Vigilance

Augmenting Digital Risk Protection with Threat Intelligence Sources

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

100K+ List of Disposable Email Domains Under Security Analysis

Detecting Possible Domain Generation Algorithm-Related Threats Using Typosquatting Data Feed