Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / News Briefs

Internet Society Urges for Increased Effort to Address Unprecedented Challenges Facing the Internet

During the 11th Internet Governance Forum (IGF), a United Nations-convened conference taking place in Mexico, 6-9 December, the Internet Society urged the global Internet community to redouble its efforts in addressing the wave of unprecedented challenges facing the Internet. more»

BITAG Outlines Steps to Dramatically Improve the Security and Privacy of IoT Devices

Broadband Internet Technical Advisory Group (BITAG) today released a report outlining a set of guidelines it believes could dramatically improve the security and privacy of IoT devices and minimize the costs associated with the collateral damage that would otherwise affect both end users and ISPs. more»

Russian Security Firm Kaspersky Announces Its Own Secure OS, 14 Years in the Making

"I've anticipated this day for ages -- the day when the first commercially available mass market hardware device based on our own secure operating system landed on my desk," writes Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, in a blog post introducing company's layer 3 switch powered by Kaspersky OS. more»

Akamai: DDoS Attacks Increased 71 Percent in Q3 2016 as Compared to Q3 2015

Akamai releases its Third Quarter, 2016 State of the Internet / Security Report, providing analysis of the current cloud security and threat landscape, including insight into two record setting DDoS attacks caused by the Mirai botnet. more»

Major Russian Banks Under a Multi-Day Cyberattack

The attack began Tuesday afternoon, and continued for two days straight, according to a source close to Russia‚Äôs Central Bank quoted by RIA Novosti. Sberbank confirmed the DDoS attack on its online services. more»

There are Reports of Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks, NGOs

In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation's President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns. more»

U.S. House Committee to Hold Hearing on Recent Cyberattacks

U.S. Subcommittee on Communications & Technology and the Subcommittee on Commerce, Manufacturing, and Trade have announced a joint hearing to examine recent cyberattacks. more»

Researchers Demonstrate How Smart Bulbs Can Be Hacked to Cause Mass Disruptions

A team of researchers have released a report detailing a new type of threat in which adjacent IoT devices, such as Internet-connected light bulbs, will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction. more»

Increasingly Aggressive Russia, Cyberwarfare a Growing Threat to UK, Says MI5 Chief

"In the first newspaper interview given by an incumbent MI5 chief in the service's 107-year history, Andrew Parker said that at a time when much of the focus was on Islamic extremism, covert action from other countries was a growing danger. Most prominent was Russia," Ewen MacAskill and Paul Johnson reporting in The Guardian. more»

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

The National Cybersecurity Center of Excellence (NCCoE) has invited comments on a draft practice guide to help organizations improve email security and defend against phishing, man-in-the-middle, and other types of email-based attacks. more»

UK Raises Cybersecurity Spending to $2.3 Billion

Britain's finance minister on Tuesday announced government's new five year National Cyber Security Strategy, almost doubling the funding from its 2011 plan to 1.9 billion-pound ($2.3 billion). more»

US DMCA Rules Updated - Now Legal to Hack Devices, Cars, Video Games, If Done in 'Good Faith'

The U.S. government has released an updated version of the Digital Millennium Copyright Act (DMCA), adding a list of new exemptions that will protect cybersecurity professionals from prosecution over reverse-engineering of products for research purposes. more»

New Technique Detects and Eliminates Abusive Domains at Time of Registration

A team of researchers from Princeton University and the University of California has developed a machine-learning algorithm named PREDATOR that can accurately establish domain reputation at the time of domain registration. more»

Experts Concerned Over Looming Security Risks of Ultrasonic Cross-Device Tracking

In the upcoming Black Hat London presentation, security researcher from University College London, Vasilios Mavroudis and colleagues are going to describe and demonstrate the practical security and privacy risks that arise with the adoption systems enabled with ultrasonic cross-device tracking (uXDT). more»

No Apparent Financial or Political Motivation Behind Dyn DDoS Attacks, Says Intelligence Firm

In an after-action analysis of the Mirai botnet attacks on Dyn, business intelligence firm, Flashpoint has assessed with "a moderate degree of confidence" that the perpetrators behind the attack were most likely not politically motivated, and most likely not nation-state actors. more»