Weekend Reads 041621

In this study, we investigate DoT using 3.2k RIPE Atlas home probes deployed across more than 125 countries in July 2019. We issue DNS measurements using Do53 and DoT, which RIPE Atlas has been supporting since 2018, to a set of 15 public resolver services (five of which support DoT), in addition to the local probe resolvers, shown in the figures below.

In the early days of congestion control signaling, we originally came up with the rather crude “Source Quench” control message, an ICMP control message sent from an interior gateway to a packet source that directed the source to reduce its packet sending rate.

Today, networking infrastructure is designed to deliver software ‘quickly’, ranging from a few seconds to hours.

Posture assessment requires periodic comparisons of current controls to expected values. Having posture assessment as part of products when deployed is possible, but it will take some time until the industry can provide these capabilities.

When you think of the cybersecurity “CIA” triad of Confidentiality, Integrity, and Availability, which one of those is most important to your organization?

The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period.

In fact, much of the information required to detect most commonly encountered threats and malicious techniques can be drawn right from Windows event logs and systems monitoring, according to a new report by security vendor Red Canary.

Part of being a registry is being a phonebook for the Internet. But just as phonebooks have changed, so too are registries evolving. A core aspect of the ‘phonebook’ service that registries provide are known as ‘whois’ databases.

At this point, I had a functional CDN, but with the obvious limitation of being a CDN that only does DNS, so I felt it was time to add a new service — HTTP caching.

Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims’ customers, and asking them to demand a ransom is paid to protect their own privacy.

ISPs in the U.S. saw a significant surge in both downstream and upstream traffic, increasing at least 30% and as much as 40% during peak business hours and as much as 60% in some markets, according to a new report from the Broadband Internet Technical Advisory Group (BITAG).

Networking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices.

Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug.

It is straightforward to reveal a user’s visited site if the destination IP address hosts only that particular domain. However, when a given destination IP address serves many domains, an adversary will have to ‘guess’ which one is being visited.

When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises.

DNS Shotgun is a benchmarking tool specifically developed for realistic performance testing of DNS resolvers. Its goal is to simulate real clients and their behaviour, including timing of queries and realistic connection management, which are areas where traditional tools are lacking.

On 23 March, Internet traffic around the London Internet Exchange Point, LINX, showed some dramatic shifts.

In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server.

When a friend who works for a major telecom/ISP operator in Karachi asked me to provide an awareness session on Software Defined Networking (SDN), I was happy to oblige.

Tens of millions of Internet connected devices — including medical equipment, storage systems, servers, firewalls, commercial network equipment, and consumer Internet of Things (IoT) products — are open to potential remote code execution and denial-of-service attacks because of vulnerable DNS implementations.