IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Recently Commented

ICANN to Work With VeriSign, US Government, to Address Core Internet Security Issue

ICANN announced today that it will work with the U.S. Department of Commerce's National Telecommunications and Information Administration (NTIA), the National Institute of Standards and Technology (NIST) and VeriSign on the goal of an operationally Signed Root Zone as soon as feasible in 2009. "We've been working towards a signed root for more than three years. In fact, ICANN has operated a root zone signing test bed for more than two years. So ICANN is aware of the urgency around signing the root to enhance stability and security" Paul Twomey, President and CEO of ICANN said. more»

Google Reveals Top 10 Malware Sites From Its Index

While scanning its index, Google in the last two months reports to have found more than 4,000 different websites suspected of distributing malware by massively compromising popular websites. "Of these domains more than 1,400 were hosted in the .cn TLD. Several contained plays on the name of Google such as, etc.," says Google's security team member, Niels Provos, in a blog post today. more»

Security Experts Criticize Obama's New Cybersecurity Plan, Say It's Full of Holes

Despite being a respectable start, security experts call the report overheated and "clear as mud"... while many experts applaud this new focus as vital to protecting critical U.S. infrastructure and economic institutions, some analysts have noted that the report fails to answer many key questions, contains a number of inconsistencies and possible inaccuracies, and generally exaggerates the threat to the country. "It's a plan for a plan," said O. Sami Saydjari, chairman of the Professionals for Cyber Defense. "Given how bureaucracies work, they tend not to come up with bold plans in 60 days. The hard problems have yet to be grappled with." more»

Mass Hacker Attack Reported on 40,000 Legitimate Websites

Hackers have compromised about 40,000 legitimate Websites, infecting them with malicious JavaScript that ultimately redirects users to a malicious site, says Websense. Security researchers at Websense say the tactics are reminiscent of the notorious RBN group. Although Websense would not name any of the compromised sites, researchers said the victims did not include any "big-name government or business sites." The compromised sites are redirecting users to typo-squatted misspellings of legitimate Google Analytics domains... more»

How a Resilient Society Defends Cyberspace

Seventy-five years ago today, on May 29th, 1934, Egyptian private radio stations fell silent, as the government shut them down in favor of a state monopoly on broadcast communication. Egyptian radio "hackers" (as we would style them today) had, over the course of about fifteen years, developed a burgeoning network of unofficial radio stations... It couldn't last. After two days of official radio silence, on May 31st, official state-sponsored radio stations (run by the Marconi company under special contract) began transmitting a clean slate of government-sanctioned programming, and the brief era of grass-roots Egyptian radio was over... more»

Obama: From Now On Digital Infrastructure Treated As Strategic National Asset

In a speech today from the White House, President Obama declared that the United States' computers and digital networks are strategic national assets and that he will personally appoint a cybersecurity coordinator to oversee the effort to protect this critical infrastructure. more»

Survey Finds "Complexity" as Most Common Challenge in Deploying DNSSEC

According to a recent survey conducted by the European Network and Information Security Agency (ENISA), 78% of service providers in Europe have plans to deploy DNSSEC within the next 3 years. On the other hand, the study also found 22% have no plans to deploy DNSSEC in the next 3 years. more»

Obama Expected to Announce "Cyber Czar" in a Few Days

President Obama is expected to announce late this week that he will create a "cyber czar," a senior White House official who will have broad authority to develop strategy to protect the nation's government-run and private computer networks, according to people who have been briefed on the plan... The announcement will coincide with the long-anticipated release of a 40-page report that evaluates the government's cybersecurity initiatives and policies. more»

A US Military-Funded Program Now Seeking High School and College Hackers

As part of a government information security review released as early as Friday, White House interim cybersecurity chief Melissa Hathaway likely will mention a new military-funded program aimed at leveraging an untapped resource: the U.S.' population of geeky high school and college students. The so-called Cyber Challenge, which will be officially announced later this month, will create three new national competitions for high school and college students intended to foster a young generation of cybersecurity researchers. more»

Kaspersky Impressed with Overall Conficker Botnet Operation

Cybercrime fighter Eugene Kaspersky can't help but be impressed by the slick operations behind the Conficker botnet, and says that it could have been worse had the botnet been after more than just money. "They are high-end engineers who write code in a good way ... They use cryptographic systems in the right way, they don't make mistakes -- they are really professional." Kaspersky says he's "60 per cent certain" that Conficker is being controlled from the Ukraine, but can't be certain... more»

An Arms Race: The Struggle Between Security Firms and Cybercriminals

Any improvement in the way computers spot malicious software is matched by a change in tactics by the criminals that undermines that better protection. One particular tactic that has proved successful for the criminals is the pumping out of ever more copies and variants of their malware. The numbers of malware samples received by the security companies tells this story all by itself. more»

Domain Name Registries Scrambling to Patch Newly Discovered DNS Bug

Domain name registries are scrambling to patch a newly discovered bug in popular open source DNS software that could be exploited for denial-of-service attacks. The bug and a corresponding fix were announced Monday by NLnet Labs, a research group that provides authoritative domain name server software called NSD to domain name registrars. more»

Cybersecurity Groups Start New Initiative to Combat Malware

Three of the world's leading cybersecurity groups today launched a new initiative to combat malicious software (malware) by establishing a "Chain of Trust" among all organizations and individuals that play a role in securing the Internet. Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware. more»

Most Websites Harbor at Least One Major Vulnerability, Says Report

Most Websites harbor at least one major vulnerability, and over 80 percent of Websites have had a critical security flaw, according to new data released today by WhiteHat Security. The Website vulnerability statistics, based on Website vulnerability data gathered from WhiteHat's own enterprise clients, show that 63 percent of Websites have at least one high, critical, or urgent vulnerability issue, and there's an average of seven unfixed vulnerabilities in a Website today... more»

Google Blames DNS for Website Defacements in Uganda, Morocco and Kenya This Week

Domain Name System (DNS) insecurity caused the defacing of Google Web sites in Uganda and Morocco, according to a Google spokesperson. Earlier this week, both Google Uganda and Google Morocco were redirecting traffic to different sites... more»

Industry Updates

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Verisign OpenHybrid for Corero and Amazon Web Services Now Available

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS