Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / News Briefs

UK Government Reports Nearly Half of Businesses Identified Cyber Security Breaches in the Past Year

The UK government has released the results of national cybersecurity survey revealing nearly seven in ten large companies in the country have identified a breach or attack in the past 12 months. more»

Researches Demonstrate How IPv6 Attacks Can Bypass Network Intrusion Detection Systems

With the increasing popularity of IoT devices and the added interest of transition to IPv6, a whole new range of threat vectors are evolving that allow attackers to set up undetectable communications channels across networks. more»

Permanent Denial-of-Service Attacks on the Rise, Incidents Involve Hardware-Damaging Assaults

Also known loosely as "phlashing" in some circles, Permanent Denial-of-Service (PDoS) is an increasing popular form of cyberattack that damages a system so badly that it requires replacement or reinstallation of hardware. more»

IRS Reports Hackers Accessed Data of Up to 100,000 People via Financial Aid Site for Students

U.S. Internal Revenue Service Commissioner (IRS) testified before the Senate Finance Committee stating the agency has discovered fraudsters could use someone's personal data to fill out a financial aid application, and the "Data Retrieval Tool" would populate the application with tax information. more»

Google to Distrust Symantec-Issued Certificates Amid Misuse

In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more»

Cisco Warning Software Used in Hundreds of Its Products Vulnerable to Critical Security Flaw

The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week. more»

Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

A spamming group called River City Media (RCM) has had its database of 1.4 billion records leaked. This was revealed today by MacKeeper Security Researcher, Chris Vickery in cooperation with CSO Online and Spamhaus. more»

New Cybersecurity Regulations in New York Go Into Effect

Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. more»

Security Researchers Announce First SHA-1 Collision, Confirming Fears About Its Vulnerabilities

In a joint announcement today, Dutch research institute CWI and Google revealed that they have broken the SHA-1 internet security standard "in practice". more»

Hacked ICANN Data Still Selling on Black Market Years After Breach

"Three years after hackers used a spearphishing attack to successfully gain access to internal data at the Internet Corporation for Assigned Names and Numbers (ICANN), the data is still being passed around and sold on black markets for $300, complete with claims that it’s never been leaked before," reports Patrick O'Neill in CyberScoop. more»

Interpol's Michael Moran Receives 2017 M3AAWG Litynski Award

Michael "Mick" Moran, who has helped rescue thousands of child abuse material victims since he started working in the field in 1997, challenged the internet industry to do more to protect innocent children as he received the 2017 M3AAWG Mary Litynski Award. more»

Deloitte: DDoS Attacks to Enter Terabit Era in 2017

Distributed Denial-of-Service (DDoS) attacks will become larger in scale, harder to mitigate and more frequent, says Deloitte in its annual Global Predictions report. more»

Security Expert Bruce Schneier Calls for Creation of New Government Agency for IoT Regulation

During a talk at the RSA Conference, security expert Bruce Schneier called for the creation of a new government agency that focuses on internet of things regulation, arguing that "the risks are too great, and the stakes are too high" to do nothing. more»

Microsoft's Brad Smith Calls for a 'Digital Geneva Convention' to Protect Civilians

In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more»

Trump to Sign Cybersecurity Executive Order on Tuesday

President Donald Trump expected to sign an executive order on cyber security on Tuesday. more»