Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / News Briefs

Google to Distrust Symantec-Issued Certificates Amid Misuse

In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more»

Cisco Warning Software Used in Hundreds of Its Products Vulnerable to Critical Security Flaw

The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week. more»

Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

A spamming group called River City Media (RCM) has had its database of 1.4 billion records leaked. This was revealed today by MacKeeper Security Researcher, Chris Vickery in cooperation with CSO Online and Spamhaus. more»

New Cybersecurity Regulations in New York Go Into Effect

Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. more»

Security Researchers Announce First SHA-1 Collision, Confirming Fears About Its Vulnerabilities

In a joint announcement today, Dutch research institute CWI and Google revealed that they have broken the SHA-1 internet security standard "in practice". more»

Hacked ICANN Data Still Selling on Black Market Years After Breach

"Three years after hackers used a spearphishing attack to successfully gain access to internal data at the Internet Corporation for Assigned Names and Numbers (ICANN), the data is still being passed around and sold on black markets for $300, complete with claims that it’s never been leaked before," reports Patrick O'Neill in CyberScoop. more»

Interpol's Michael Moran Receives 2017 M3AAWG Litynski Award

Michael "Mick" Moran, who has helped rescue thousands of child abuse material victims since he started working in the field in 1997, challenged the internet industry to do more to protect innocent children as he received the 2017 M3AAWG Mary Litynski Award. more»

Deloitte: DDoS Attacks to Enter Terabit Era in 2017

Distributed Denial-of-Service (DDoS) attacks will become larger in scale, harder to mitigate and more frequent, says Deloitte in its annual Global Predictions report. more»

Security Expert Bruce Schneier Calls for Creation of New Government Agency for IoT Regulation

During a talk at the RSA Conference, security expert Bruce Schneier called for the creation of a new government agency that focuses on internet of things regulation, arguing that "the risks are too great, and the stakes are too high" to do nothing. more»

Microsoft's Brad Smith Calls for a 'Digital Geneva Convention' to Protect Civilians

In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more»

Trump to Sign Cybersecurity Executive Order on Tuesday

President Donald Trump expected to sign an executive order on cyber security on Tuesday. more»

US Law-Enforcement Agencies Reported to be at Risk in Foreign-Owned Buildings

US law-enforcement agencies are at risk of being spied on and hacked because some of their field offices are located in foreign-owned buildings without even knowing it. more»

Data Breaches Reported During 2016 Exposed Over 4.2 Billion Records

2016 broke the previous all-time high, set back in 2013, for the number of records exposed from reported data breaches. more»

New Study Highlights Growing Risk, Lack of Urgency with Mobile and IoT Application Security

Despite widespread concern about the security of mobile and Internet of Things (IoT) applications, organizations are ill-prepared for the risks they pose, according to a research report issued today from Ponemon Institute, IBM Security, and Arxan Technologies. more»

Canadian Energy Firms at Bigger Risk of Cyberattack

The Canadian Security Intelligence Service (CSIS) is reported to have warned companies about an increasing risk of cyber espionage and attacks on pipelines, oil storage and shipment facilities. more»