Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Cybersecurity / Recently Commented

Russia Becoming a Spam Superpower

Russia might be a country trying to regain superpower status, but it has already reached it in one less welcome area -- the amount of spam it sends to the world. According to Sophos's Q4 2007 spam report, the country now deserves the moniker of 'spam superpower' having seen its share of total volumes rise dramatically over the last year, to put it in firmly in second place behind arch-rival, the US. more

Upcoming Domain Pulse 2008 Within Central Europe

Domain Pulse, the yearly get-together of the German-speaking registries of nic.at (Austria), Denic (Germany) and SWITCH (Switzerland) is happening on February 21 and 22 in Vienna. The conference alternates between the countries -- last year it was Switzerland, this year Austria and next year Germany... Domain Pulse covers everything in the domain name arena from management of the DNS, what's happening in each of the ccTLDs, after market and domaining, security threats to the DNS and internet as well as wider issues affecting the internet's development such as internet governance. more

Fast Flux Hosting a Mounting and Serious Threat to Online Activities

ICANN Security and Stability Advisory Committee (SSAC) has released a report [PDF] describing the technical aspects of fast flux hosting and fast flux service networks. From the report: "Fast flux" is an evasion technique that cyber-criminals and Internet miscreants use to evade identification and to frustrate law enforcement and anticrime efforts aimed at locating and shutting down web sites used for illegal purposes. more

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more

Client-based WDS: Providing Application Acceleration in Mobile and VPN Environments

Wide-Area Data Services (WDS), aka "WAN Optimization" is becoming the most effective way to improve application performance while reducing network traffic. In scenarios where there is significant network latency that would otherwise render many applications unusable, WDS can deliver almost LAN-like speed. Where bandwidth constraints exist and there is no practical or economical option, WDS can help reduce network traffic, allowing you to postpone or avoid circuit upgrades altogether. The technology provides the ability to centralize applications and servers, furthering the cost savings on hardware, software licensing, maintenance and the operation of a distributed architecture. more

Cyberattack Causes Power Blackout in Multiple Cities

A cyberattack has caused a power blackout in multiple cities outside the United States, the CIA has warned. The SANS Institute, a computer-security training body, reported the CIA's disclosure on Friday. CIA senior analyst Tom Donahue told a SANS Institute conference on Wednesday in New Orleans that the CIA had evidence of successful cyberattacks against critical national infrastructures outside the United States. more

CircleID's Top 10 Posts of 2007

Here is a list of the most viewed news and blog postings that were featured on CircleID in 2007. Best wishes for 2008. more

Phishers Consistently Using Shortened URLs as Means of Deception

Phishers are using shorter URLs for malicious sites in a bid to lend an air of legitimacy to threatening links. Internet Security Services, IBM's online-security division, claims to have noticed a significant drop in the number of characters used by fraudsters in their phishing URLs... more

USA Today: Spam Is Bad

A reasonably well informed article in Thursday's USA Today reminds us that in 2004 Bill Gates said the spam problem would be solved in early 2006, but here at the end of 2007 there's more spam than ever. They go through a laundry list of problems of spambots, new kinds of PDF and MP3 spam, and phishing, and a list of of partial or non-solutions including filters, walled gardens, and an odd system called Boxbe, a hybrid of whitelists, challenge/response, and pay for delivery. Oh, and Bill says he never said spam would be solved... more

Despite Security Mechanisms, Still Relatively Easy to Hack DNS

Amit Klein recently released details on DNS server cache poisoning attacks that affect BIND (Berkeley Internet Name Domain) and Windows DNS servers. It goes to show that every time you think a problem with a well-known protocol or service has been solved, it may not be. more

Leading a Horse to Water

It is one thing to bring broadband internet to the masses, but how do we make them drink from the fountain of knowledge? One of the challenges, of course, is that the industry has not yet sold turn-key applications that capture the imaginations of the unconnected. Surprising as it seems, email, Facebook, file swapping and web surfing have not yet attracted 100% of the population. Are there some applications that might lend themselves to a toll-free model in order to reach the rest of the market? more

How Big is the Storm Botnet?

The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it? Last weekend, Brandon Enright of UC San Diego gave a informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year... more

What Did the Bush Admin Promise the Telco's in Early 2001?

I have a hypothesis: The Bush administration came to power in December 2000. American telcos were on the precipice about to go into Free fall. We have seen how Bush politicized the Justice Department and are much more aware thanks to John Dean's Broken Government and Charlie Savage's Take Over of the intense desire to aggregate executive power to feed the Addingtons belief in the Unitary Executive. We now know that Cheney was meeting with the energy industry in early 2001 promising them whatever they wanted. We may begin to ask what the domestic telecoms industry was being promised? more

U.S. Government Denying The Internet to Enemies

The new National Strategy for Homeland Security, issued earlier this week by the White House, places a greater emphasis on the "uninterrupted use of the Internet and the communications systems, data, monitoring, and control systems that comprise our cyberinfrastructure." more

FON and BT: Wifi Today; Mobile Tomorrow?

A deal announced today between British Telecom and upstart FON allows BT's Internet customers to share their own broadband connections via WiFi and, in turn, be able to access WiFi free at "thousands" (doesn't say how many) of FON hotspots around the world operated by other Foneros... When you buy home Internet access from BT and opt into this plan, you are also buying roaming access at no extra charge. The technology is supposed to assure that the part of the connection which you share is segregated from your own access so that there are no security problems caused by the sharing. more

Industry Updates

Afilias Joins Global Commission on the Stability of Cyberspace

i2Coalition Releases Statement On Australian Encryption Law Passing

Neustar to Acquire Verisign's Security Services Customer Contracts

Q2 2018 DDoS Trends Report: 52 Percent of Attacks Employed Multiple Attack Types

Operational Update Regarding the KSK Rollover for Administrators of Recursive Name Servers

Q1 2018 DDoS Trends Report: 58 Percent of Attacks Employed Multiple Attack Types

DNS-Based Threats: Cache Poisoning

KSK Rollover Webinar to Be Held with ECO and ICANN Tuesday, April 24th

Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

DNS-Based Threats: DNS Reflection and Amplification Attacks

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Percent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate