IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.A widespread compromise of consumer-grade small office/home office (SOHO) routers has been discovered by threat intelligence group Team Cymru. According to the report, "attackers are altering the DNS configuration on these devices in order to redirect victims DNS requests and subsequently replace the intended answers with IP addresses and domains controlled by the attackers, effectively conducting a Man-in-the-Middle attack." more»
A recent research seems to indicate that financial industries should increase the security standards they use for their mobile home banking solutions. IOActive Labs recently performed a black box and static analysis of worldwide mobile home banking apps. The research used iPhone/iPad devices to test a total of 40 home banking apps from the top 60 most influential banks in the world. more»
Jim Cowie of Renesys reports: Traffic interception has certainly been a hot topic in 2013. The world has been focused on interception carried out the old fashioned way, by getting into the right buildings and listening to the right cables. But there's actually been a significant uptick this year in a completely different kind of attack. more»
The Latin America and Caribbean Domain Name System (LAC DNS) Forum will be held on November 15, 2013 in Buenos Aires, Argentina. This follows on a similar initiative that took place at ICANN 47 in Durban, South Africa. The event's global, regional and local organizers plan to address key online issues, including more regional involvement with Internet governance. more»
Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas. more»
During a speech last week at the Internet Governance Forum in Bali, Jari Arkko, IETF's chair, re-emphasized it's efforts to ramp up online security in light of recent revelations of mass internet surveillance. "Perhaps the notion that internet is by default insecure needs to change," Arkko said. Significant technical fixes "just might be possible." more»
John Crain has been named ICANN's new Chief Security, Stability and Resiliency Officer. In this newly created position Crain will assume the responsibilities of Jeff Moss, who announced he is stepping down from his position as Chief Security Officer at the end of the year. more»
A major artery in Israel's national road network in the northern city of Haifa suffered a cyberattack, knocking key operations out of commission two days in a row and causing hundreds of thousands of dollars in damage. One expert, speaking on condition of anonymity because the breach of security was a classified matter, said a Trojan horse attack targeted the security camera apparatus in the Carmel Tunnels toll road on Sept. 8, reports the Associated Press. more»
A U.S. bureau on Tuesday unveiled a draft of voluntary standards that companies can adopt to boost cybersecurity -- part of an attempt to protect critical industries without setting restrictive and costly regulations. The National Institute of Standards and Technology (NIST), a nonregulatory agency that is part of the Department of Commerce, issued the so-called framework following input from some 3,000 industry and academic experts. more»
Rodney Joffe, Senior Technologist at Neustar, explaines that vehicles (beginning with 1998 models) are vulnerable to hacking, but manufacturers have been unable to fix the problem. In the video below, Joffe explains the challenge to cars and the possible threats that exist for other machines connected to a network. more»
ICANN has announced that Paul Mockapetris, inventor of the Domain Name System (DNS), has agreed to serve as Senior Security Advisor to the Generic Domains Division and its President, Akram Atallah. more»
In support of National Cyber Security Awareness Month, DDoS Awareness Day is a virtual, global event focused on raising awareness and education around the threat of DDoS attacks. Hosted by Neustar with and exclusive media partner CSO, DDoS Awareness Day brings together top experts in global security to share their views, technical tips and from-the-trenches experience. Attendees will also be given access to a wealth of DDoS materials: white papers, surveys, presentations, best practices and more. more»
Symantec has disabled part of one of the world's largest networks of infected computers, according to reports today. About 500,000 hijacked computers have been taken out of the 1.9 million strong ZeroAccess botnet. The zombie computers were used for advertising and online currency fraud and to infect other machines. Security experts warned that any benefits from the takedown might be short-lived. more»
In a recent blog post, Dan Jaffe, Association of National Advertisers' Executive VP of Government Relations, shares some concerns about ICANN's "overly rapid Top Level Domain rollout". more»
Bruce Schneier in an op-ed piece published in the Guardian on Thursday writes: "Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract..." more»
