Exploring the realm of cyber early warning systems
Guest Post: Applying physical early warning system frameworks to cyber hazards.
Tag: security
Smargaft harnesses EtherHiding for stealthy C2 hosting
Guest Post: New botnet uses the Binance Smart Chain to host command and control servers and infect shell scripts like a virus to achieve persistence.
Automated assurance on a path to becoming practical
Guest Post: Cloud native architecture is a game changer for security at scale. How long before we see automation through attestation, built-in at scale?
When it’s not DNS, it’s probably NTP
An intriguing detective story about debugging a chain of problems.
As the balance of security controls shifts, where does responsibility rest?
Guest Post: Increasing encryption online impedes existing methods of detecting malicious traffic. How will industry, standards, and policy settle this dilemma?
KeyTrap
Just how ‘devastating’ is the Keytrap vulnerability? How it works, and what the response has been.
SMTP smuggling — spoofing emails worldwide
Guest Post: Introducing a novel technique for email spoofing.
Crashing the party — vulnerabilities in RPKI RP software
Guest Post: Prefix hijacks are devastating to Internet stability and security.
GAC communiqués and community activity on DNS abuse
The DNS Abuse Institute launches a new level of reporting that reveals how malicious phishing and malware are distributed across the DNS registration ecosystem.
KeyTrap algorithmic complexity attacks exploit fundamental design flaw in DNSSEC
Guest Post: Researchers uncover and investigate ‘the worst attack on DNS ever discovered’.