Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Recently Commented

Researchers Use Social Graphs to Detect Spammers, Attackers

A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more»

Internet Groups Inaugurate First of Three Cyber Security Facilities

ICANN and internet exchange firm Packet Clearing House (PCH) have joined forces with Infocomm Development Authority of Singapore (IDA) and the National University of Singapore (NUS) to launch the first of three facilities designed to boost the adoption of Domain Name System Security (DNSSEC) among country code Top-Level Domains (ccTLDs). The three new facilities, located in Singapore; Zurich, Switzerland (still under construction) and San Jose, California, provide cryptographic security using the recently deployed DNSSEC protocol. more»

US Racing on Multiple Fronts to Plug the Holes in Cyber Defenses

The Pentagon is about to roll out an expanded effort to safeguard its contractors from hackers and is building a virtual firing range in cyberspace to test new technologies, according to officials familiar with the plans, as a recent wave of cyber attacks boosts concerns about U.S. vulnerability to digital warfare. The twin efforts show how President Barack Obama's administration is racing on multiple fronts to plug the holes in U.S. cyber defenses... more»

Chinese Military Must Boost Cyberdefense Efforts Against Pentagon, Says Military Newspaper

China must boost its cyber-warfare strength to counter a Pentagon push, the country's top military newspaper said on Thursday after weeks of friction over accusations that Beijing may have launched a string of Internet hacking attacks. The accusations against China have centered on an intrusion into the security networks of Lockheed Martin Corp and other U.S. military contractors... more»

Patient Care Suffers When Data Security is a Budgetary Concern

According to a recent Homeland Security News Wire article, nearly 8 million patient medical records were compromised over the course of the previous two years due to data security breaches. As more hospitals and patient care providers move to store patient data electronically -- primarily as a cost savings effort -- the risk and exposure of our private medical information increases while our individual control over this information diminishes. more»

Response Policy Zones (RPZs): Use as a Blocklisting Process

Gradually it seems the word is spreading about a new blocking methodology to interrupt the ability of end users to click and visit phishing sites - thereby having their personal information/credentials at risk. This is the DNS Response Policy Zones. DNS RPZs allows companies that run recursive resolvers to create a zone that will not resolve specific domains. more»

Editorials Against PROTECT-IP

First the Los Angeles Times, now the New York Times have both printed editorials critical of the PROTECT-IP bill. Both the LAT and NYT support copyright - and announce as much in their opening sentences. That doesn't mean we should sacrifice Internet security and stability for legitimate DNS users, nor the transparency of the rule of law. more»

Major U.S. Bank Waits Over a Month to Report Large-Scale Cyber Attack

Maria Aspan reporting in Reuters: "Major U.S. banks came under growing pressure from banking regulators to improve the security of customer account information after Citigroup Inc became the latest high-profile victim of a large-scale cyber attack. ... The third-largest U.S. bank waited more than a month before making the full extent of the breach public, drawing criticism on Thursday from lawmakers and lawyers." more»

CAUCE Director Neil Schwartzman Wins Prestigious MAAWG Award

CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more»

8 Security Considerations for IPv6 Deployment

Feb. 3, 2011, came and went without much fanfare, but it was a milestone for Internet stakeholders, whether they knew it or not. On that Thursday, the last available IPv4 addresses were allocated by the Internet Assigned Numbers Authority (IANA). Though some Regional Internet Registries (RIRs) have a reasonable inventory of IP addresses that could last another year or two, the days of "new" IPv4 address allocations are largely over. more»

Chinese Newspaper Warns Google Against Playing a Risky Political Game

Chris Buckley reporting in Reuters: "The tough warning appeared in the overseas edition of the People's Daily, the leading newspaper of China's ruling Communist Party, indicating that political tensions between the United States and China over Internet security could linger. Last week, Google said it had broken up an effort to steal the passwords of hundreds of Google email account holders, including U.S. government officials, Chinese human rights advocates and journalists. It said the attacks appeared to come from China..." more»

RSA Breach Fallout?

Back in March, it was widely reported that RSA had suffered a serious security breach that (to some extent) weakened the security of its SecurID token. However, the NY Times reported then that the chairman said that the penetration wasn't absolute but "it could potentially reduce the effectiveness of the system in the face of a 'broader attack.'". more»

At the Start of the NL IGF

At the annual Dutch "delegation" dinner at the Internet Governance Forum (IGF) in Vilnius, Lithuania, I voiced that it may be a good idea to start a Dutch IGF. This followed a discussion in which we discussed the possibilities of involving more people and organisations from the Netherlands in Internet governance. The, now, Ministry of Economic Affairs, Agriculture and Innovation followed this thought and made it possible for the ECP/EPN foundation to start the NL IGF. more»

Research Detects Spammers Using Fake URL-Shortening Services

New research has uncovered evidence of spammers establishing their own fake URL-shortening services for the first time. According to the latest MessageLabs Intelligence report, shortened links created on these fake URL-shortening sites are not included directly in spam messages; instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. "Rather than leading directly to the spammer's final Web site, these links actually point to a shortened URL on the spammer's fake URL-shortening Web site, which in turn redirects to the spammer's final Web site." more»

Interpol Joining ICANN's Governmental Advisory Committee as an Observer

Kevin Murphy reporting in DomainIncite: "Interpol plans to apply to join ICANN's Governmental Advisory Committee as an observer, according to ICANN. The news came in a press release this evening, detailing a meeting between ICANN president Rod Beckstrom and Interpol secretary general Ronald Noble. The meeting 'focused on Internet security governance and enhancing common means for preventing and addressing Internet crime'." more»