Why Your VPN May Not Be As Secure As It Claims

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user. Continue reading Why Your VPN May Not Be As Secure As It Claims

Report: Recent 10x Increase in Cyberattacks on Ukraine

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. Continue reading Report: Recent 10x Increase in Cyberattacks on Ukraine

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike. Continue reading The Great $50M African IP Address Heist

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. Continue reading A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Free DNS service from internet nonprofits makes security ‘as simple as humanly possible’

A free DNS service from nonprofits Global Cyber Alliance and Packet Clearing House launched Thursday will block users and devices from visiting known malicious websites, acting as an “immune system” for internet-connected devices. The new Quad9 Domain Name System (DNS) filtering service is aimed at individual users, micro-enterprises and small businesses, but will be useful for any enterprise that doesn’t have a dedicated IT team, the alliance’s Executive Director for the UK and Europe Andy Bates, explained to CyberScoop. “We’ve made it as simple as humanly possible,” he said. Using threat intelligence feeds from IBM’s X-Force security service and 18 other partner organizations, Quad9 compiles a constantly updated blacklist of known bad websites — ones that contaminate visitors with malware or are used to control infected computers. If a user clicks on a link, for instance in a phishing email, Quad9 will block the move. The 18 other partner companies include Abuse.ch, the Anti-Phishing […]

The post Free DNS service from internet nonprofits makes security ‘as simple as humanly possible’ appeared first on Cyberscoop.

Continue reading Free DNS service from internet nonprofits makes security ‘as simple as humanly possible’