Cybersecurity |
Sponsored by |
|
In 2021, we discussed a potential future shift from established public-key algorithms to so-called "post-quantum" algorithms, which may help protect sensitive information after the advent of quantum computers. We also shared some of our initial research on how to apply these algorithms to the Domain Name System Security Extensions, or DNSSEC. In the time since that blog post, we've continued to explore ways to address the potential operational impact of post-quantum algorithms on DNSSEC, while also closely tracking industry research and advances in this area. more
Because DNS is such an omnipresent part of modern networking, it's easy to assume that functional DNS infrastructure can be left running with minimal adjustments and only needs to be investigated in the event of a malfunction. Yet there are small telltale signs that precede DNS issues -- and knowing what they are can help to prevent disruption before it happens. more
In what is currently the largest healthcare industry data breach, Hospital Corporation of America (HCA) has confirmed the theft of 11 million patient records. HCA, one of the country's most prominent healthcare providers, believes the breach originated from an external storage system used for email automation. more
Just recently, Bluesky -- the decentralized social network running on an open protocol called AT Protocol -- announced that as a mechanism for supporting its business financially, it will directly sell domain names as handles for its users. The sales will be processed through an Internet Corporation for Assigned Names and Numbers (ICANN) accredited registrar, called Namecheap. Currently, the handles on social media platforms are internal handles and not independent domain names. more
Japan's largest maritime port, the Port of Nagoya, suffered significant disruption due to a cyberattack, allegedly by the Russian group Lockbit 3.0. The attack, involving ransomware that locks systems until a payment is made, resulted in a terminal outage on Tuesday, with operations expected to resume Thursday. more
In this article, I present an overview of a series of 'proof-of-concept' studies looking at the application of domain-name entropy as a means of clustering together related domain registrations, and serving as an input into potential metrics to determine the likely level of threat which may be posed by a domain. more
In a study published in the JAMA Network, evidence indicates that ransomware attacks on healthcare delivery organizations (HDOs) lead to substantial disruptions in patient care and emergency department workflows. more
Did you know that we are swimming in Domain Name System abuse? As an Internet user, you probably were not aware. Apparently, doomsday is near, and the Internet is going to explode in our face if we do not do something about "domain name system abuse." This doomsday narrative has nearly jeopardized multistakeholder governance. However, it may also compel us to reconsider the multistakeholder model and its relevance in governing the Internet and its associated technologies. more
U.S. military service members around the country have reported receiving unsolicited smartwatches by mail, triggering warnings from the Department of the Army Criminal Investigation Division (CID). more
As industries from agriculture to banking increasingly depend on space-based capabilities, safeguarding satellites from cyber threats has become paramount. In a groundbreaking move to address this, the U.S. military will stage Hack-A-Sat 4, a competition at the famed DEFCON hacker convention, inviting white-hat hacker teams to attempt to infiltrate and control computer systems on a satellite in orbit. more
Multiple US federal agencies are grappling with a global cyberattack exploiting a flaw in the widely-used MOVEit software. The US Cybersecurity and Infrastructure Security Agency (CISA) is working closely with the affected agencies to understand the impact and expedite remediation efforts. more
Public Interest Registry (PIR), a domain registration and management service for the .org top-level domain, has partnered with the American Red Cross, aiming to combat online fraud, especially in the context of fundraising in emergencies. The collaboration seeks to increase internet safety and enhance public trust in online donations to charitable causes. more
A report from Verizon Business's 16th annual Data Breach Investigations Report (DBIR) reveals a startling surge in the frequency and cost of cyberattacks. It analyzed 16,312 security incidents and 5,199 breaches, showing a sharp uptick in the cost of ransomware. more
At Verisign, we believe that continuous improvements to the safety and security of the global routing system are critical for the reliability of the internet. As such, we've recently embarked on a path to implement Resource Public Key Infrastructure (RPKI) within our technology ecosystem as a step toward building a more secure routing system. In this blog, we share our ongoing journey toward RPKI adoption and the lessons we've learned as an operator of critical internet infrastructure. more
Change is hard, and the larger the system, the slower the pace of change. There are just so many systems that need to change their behaviors, and the motivations of users, vendors, service providers, content generators and many others all vary. Getting all of us to change some aspect of our technology, platform or application set is hard, if not impossible, to orchestrate such that it happens at the same time. more
A World-Renowned Source for Internet Developments. Serving Since 2002.