Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Threat Intelligence |
Sponsored by |
|
ICANN video highlighting last week's historical DNSSEC key signing ceremony held in a high security data centre located in Culpeper, VA, outside of Washington, DC. "During the ceremony, participants were present within a secure facility and witnessed the preparations required to ensure that the so-called key-signing-key (KSK) was not only generated correctly, but that almost every aspect of the equipment, software and procedures associated with its generation were also verified to be correct and trustworthy." more
Close to 20% of popular VPN services are reported to be leaking customer's IP address via a WebRTC bug known since January 2015, and which "some VPN providers have never heard of." more
Researchers at security service provider, Zscaler, are reporting that in the past six months they have blocked over 2.5 billion web-based cryptomining attempts within their cloud service. more
In an announcement today, credit reporting giant Equifax revealed a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. more
On Sept. 27, Internet Corporation for Assigned Names and Numbers (ICANN) announced that the first root zone Key Signing Key (KSK) rollover - originally scheduled to take place on Oct. 11 - will be postponed. Although this was certainly a difficult decision, we fully agree that erring on the side of caution is the best approach to take. In this blog post, I want to explain some of the involvement Verisign has had in KSK rollover preparations, as well as some of the recently available research opportunities which generated data that we shared with ICANN related to this decision. more
This post was co-authored by Sarah McKune, a senior researcher at the Citizen Lab. Public attention to the secretive world of cyber espionage has risen to a new level in the wake of the APT1: Exposing One of China's Cyber Espionage Units report by security company Mandiant. By specifically naming China as the culprit and linking cyber espionage efforts to the People's Liberation Army, Mandiant has taken steps that few policymakers have been willing to take publicly, given the significant diplomatic implications. more
Millions of email warnings were sent out by Marriot on Friday to warn customers about the massive data breach which has affected close to half a billion guest data. more
With my post earlier this month about the possibility of SIP botnets [also featured here on CircleID], I've had a number of people asking about more information and wondering about the possible impacts. And while I will write more on botnets in general, as far as the potential impact of "botnets" in general, one need only look over at the current situation in Estonia... Now, perhaps Russia is behind the attack... perhaps not. There are obviously much larger political issues going on between the two states. more
As widely discussed recently, observed within the ICANN community several years ago, and anticipated in the broader technical community even earlier, the introduction of a new generic top-level domain (gTLD) at the global DNS root could result in name collisions with previously installed systems. Such systems sometimes send queries to the global DNS with domain name suffixes that, under reasonable assumptions at the time the systems were designed, may not have been expected to be delegated as gTLDs. more
'It could've been worse' is a fascinating expression. It implies that the incident in question obviously could have been worse than expected, however it also implies that it could have been better, ultimately leading to the conclusion that it was at least somewhat bad. So both fortunately and unfortunately for three Greek banks, the ransom DDoS attacks levied against them by hacker group the Armada Collective could have been worse. more
For the first time, a large dataset has been released by a security firm to help AI research and training of machine learning models that statically detect malware. more
A few days ago a story broke where someone hacked into a global warming research institute and stole all emails from the past 10 years, proving a conspiracy. In the vast amount of emails stolen, some emails were also found with clear-cut lies, showing how some scientists conspired to deceive in scientific research about data that did not fit their agenda of proving global warming. I am opening the subject for debate... more
Paul observed that most new domain names are malicious. Are they? Since the "dawn of tasting", some 30 million domain names have been created for the purposes of interposition on existing name to resource mappings. That is a third of the .COM historical growth, and mostly in the last five years. ... It is difficult not to conclude that interposition on persistent, public referents is without malice, and that the malicious parties are advertisers seeking to transform public referents into private property, as promotional devices... more
The new Anti-Phishing Working Group (APWG) Global Phishing Survey has just been released. Written by myself and Rod Rasmussen of IID, the report is the "who, what, where, when, and why" look at phishing, examining the second half of 2014. The report has many findings, but here I'll concentrate on the new gTLDs. The second half of 2014 was when an appreciable number of new gTLDs entered general availability and started to gain market share. more
It seems like the online Russian population is getting mobilized. Like a meme spreading on the blogosphere, the mob is forming and starting to "riot", attacking Georgia. This seems very similar to the Estonian incident, only my current guess is natural evolution rather than grass-roots implanted -- but I am getting more and more convinced of the similarities as more information becomes available. Determining exactly when the use of scripts by regular users started, is key to this determination. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
