Network Protocols and Security
- October 13, 2016
Akamai researchers discovered how unknown threat actors are using an SSH flaw to secretly gain control of IoT devices and turn them into proxies for malicious traffic.
- September 28, 2016
New SWIFT security policy will mandate baseline controls for banking partners, but experts are unsure how effectively the changes can be enforced.
- September 28, 2016
Domain name system watchdog ICANN has begun the process of updating the DNS root zone signing key to strengthen DNSSEC protection against man-in-the-middle attacks.
- August 31, 2016
SWIFT told clients there have been more attacks on its bank messaging system and some have resulted in bank thefts, but no solutions to security are available.
- August 18, 2016
The SWIFT banking system had a number of high-profile hacks earlier this year, and execs are now admitting they ignored security issues until it was too late.
- August 05, 2016
Black Hat researchers report flaws in key web protocols, demonstrating widespread flaws in HTTP/2 implementations; Banner Health announces breach affecting 3.7 million.
- July 18, 2016
John Curran, ARIN chief, explains IPv6 connectivity progress and gives compelling security arguments in favor of IPv6 support sooner rather than later.
- July 14, 2016
A year after the depletion of the IPv4 address space, ARIN chief John Curran talks about IPv6 benefits, the IPv6 NAT conundrum and the importance of offering IPv6 connectivity.
- July 12, 2016
SWIFT attempts to improve banking security include partnerships with two cybersecurity firms, and the creation of a new Customer Security Intelligence team.
- June 08, 2016
Following a number of attacks on the SWIFT banking system that led to the theft of millions of dollars, SWIFT promised new rules to improve security for bank transfers.
- May 26, 2016
In order to stop metadata snooping by law enforcement and hackers, a proposed spec aims to improve DNS privacy with TLS.
- April 15, 2015
PCI DSS 3.1 grants merchants about 14 months to nix flawed SSL and TLS protocols, but demands they quickly provide detailed new documentation on how they plan to make the transition.
- April 05, 2015
Experts say even enterprises that carefully secure TLS may still be at the mercy of the numerous security issues affecting the SSL ecosystem.
- March 31, 2015
Qualys has added a free, public API to its SSL testing services, which will enable an enterprise to test any website or server for SSL vulnerabilities.
- March 30, 2015
The PCI Security Standards Council has confirmed that PCI DSS 3.1 will be released in just a few weeks. According to a Gartner analyst, the surprise new release could cause major problems for merchants.