• DNSSEC Adoption is Slow for Government Agencies

    Even though more than two years have passed since federal government agencies were required to support DNS Security Extensions (DNSSEC) on their web sites, only 57 percent of agencies have met these requirements. In other words, about 40 percent of federal agencies have not secured their domains to protect users…

    Read More
    0 502
  • Google Now Supports DNSSEC

    Google announced this week that they have enabled Domain Name System Security Extensions (DNSSEC). This is essential for ensuring that DNS queries are directed to the real web site. With this in place Google is now checking the digital signatures on DNSSEC formatted messages. Currently 7% of the volume of…

    Read More
    0 574
  • Recent Government Cybersecurity Actions

    Last week President Obama signed an Executive Order in an attempt to strengthen the cybersecurity of critical infrastructure in the United States. This is an area much in need of improvement, but this Executive Order barely scratches the surface. The main points addressed by the order are to facilitate information…

    Read More
    0 578
  • DNSSEC Deployment Lags

    DNSSEC has been slow to be accepted by commercial sites, leading a lag in DNSSEC deployment, even though it is the best solution to prevent the exposure to site hijacking. This type of hijacking is possible because of a major flaw in DNS that makes it possible for hackers to…

    Read More
    0 674
  • A New DNS Vulnerability

    A new DNS vulnerability was found in BIND yesterday, CVE-2012-5688. It is listed as a critical vulnerability. This adds to the list of major vulnerabilities discovered in BIND. Since February of 2011, a new high vulnerability has been found on average every 60 days. This is a worrisome trend for…

    Read More
    0 652
  • Need More Secure Operating Systems

    Kaspersky Lab has announced that they are developing a secure operating system for protecting SCADA (supervisory control and data acquisition) and ICS (industrial-control systems). These are the systems used for industrial control. They are core to most utility companies and industrial infrastructure, controlling such things as valves or switches.

    Read More
    0 578
  • Protecting Your DNS

    There have been several recent Denial of Service attacks reported on banks, hosting providers and federal agencies around the world.  As always with these types of attacks, one of the victims is the DNS server. Attacking DNS is effective, once the DNS server is taken down by the hacker, customers…

    Read More
    0 521
  • DDoS Attacks Get Serious

    In the last couple of weeks there has been a big jump of DDoS attacks focused on the websites of major US financial institutions. Among those reportedly attacked has included Wells Fargo, JP Morgan Chase, Bank of America, PNC, and U.S. Bank. A distributed denial-of-service attack or better known as…

    Read More
    0 507
  • GoDaddy’s DNS Outage Exposes the Need for DNS Redundancy

    The GoDaddy DNS outage had wide spread effect. Hacktivists claimed to have caused it but Interim CEO Scott Wagner said the service outage was due to a series of internal network events that corrupted route data tables. No matter what the cause, whether it was internal errors or external attacks,…

    Read More
    0 575
  • Botnets, Route Hijacking, and Other Security Threats

    Cyber crime has become big business. In the past, hackers tended to work alone or in small groups, and their impact was usually quite minimal. Sometimes it was done just for bragging rights rather than monetary gain, and often had no adverse affects on most of the general public.

    Read More
    0 654