Why Your VPN May Not Be As Secure As It Claims

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user. Continue reading Why Your VPN May Not Be As Secure As It Claims

Report: Recent 10x Increase in Cyberattacks on Ukraine

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. Continue reading Report: Recent 10x Increase in Cyberattacks on Ukraine

Security experts say Ukraine’s request to shut down Russian domains could hurt civilians

Ukrainian officials sent an urgent request Monday to the nonprofit that stewards domain and IP systems key to the global internet, but security experts are warning that it’s not as simple as it looks. Ukraine asked the Internet Corporation for Assigned Names and Numbers (ICANN) to shut down Russian top-level domains — such as those with the .ru country code — in response to Russia’s use of the internet as a key attack surface for both information operations and cyberattacks. ICANN has not yet responded to the request, Andrii Nabok, head of the expert group for the development of fixed broadband at Ukraine’s Ministry of Digital Transformation and Ukraine’s representative to ICANN, confirmed in an email to CyberScoop. The email, first reported by Rolling Stone, presses ICANN to “revoke, permanently or temporarily” Russian domains, revoke identification certificates for the domains and shut down DNS root servers in the Russian Federation. […]

The post Security experts say Ukraine’s request to shut down Russian domains could hurt civilians appeared first on CyberScoop.

Continue reading Security experts say Ukraine’s request to shut down Russian domains could hurt civilians

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike. Continue reading The Great $50M African IP Address Heist

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. Continue reading A Deep Dive on the Recent Widespread DNS Hijacking Attacks