For a loosely connected, globally distributed system with no central governing authority, the Internet is remarkably dependable. Robust enough to cope with the unexpected, it features back-up capabilities ranging from redundant network paths to virtual servers that compensate for physical hardware failures.
According to the Center for Internet Security (CIS), in September 2020, three malware returned to the Top 10: CoinMiner, CryptoWall, and Emotet. The Top 10 Malware variants composed 87% of Total Malware activity in September 2020, up from 78% in August 2020.
Rapid 7 has disclosed a set of address bar spoofing vulnerabilities that affect a number of mobile browsers, ranging from the more common browsers, like Apple Safari and Opera Touch, to the less common, like Bolt Browser and RITS Browser. The announcement is a coordinated vulnerability disclosure publication with security researcher, Rafay Baloch.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC) have signed a memorandum of understanding (MOU) to share cyber threat information that will enable stronger protection for both sectors.
A new Rapid7 research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, decreased from the levels seen in 2019. However, vulnerabilities and exposures still plague the modern internet even with the increasing adoption of more secure alternatives to insecure protocols, like Secure Shell (SSH) and DNS-over-TLS (DoT).
A new survey says that a vast majority of Americans say they value online safety, but many have habits that compromise the safety of their data and various online accounts—especially the tech-savvy younger generations who grew up during and after the internet revolution.
In late January, the Department of Justice filed lawsuits seeking temporary restraining orders against five companies and three individuals, based on allegations that they had carried hundreds of millions of fraudulent robocalls to American consumers. Within days, the Federal Trade Commission (FTC) sent letters to 19 Voice over Internet Protocol providers to warn them that any assistance or facilitation of telemarketing through robocalls would be deemed to violate the new law.
There seems to be a consensus for advocates of private Internet use that encryption is a good thing, and that encryption of DNS is needed to prevent network operators from gaining visibility into the sites and services their users lookup (and then visit). Two protocols have been created to achieve this encryption: DNS over TLS (DoT) and DNS over HTTPS (DoH). While both offer encryption of DNS data using the same TLS protocol, there are some very important differences:
The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) invites public, private and home-schooled students in grades kindergarten through twelfth to participate in the state of New Jersey’s annual Cybersecurity Awareness poster contest.