Weekend Reads 111921


Kaspersky today publishes its Distributed Denial of Service (DDoS) Q3 2021 report, which found when compared to Q3 2020, the total number of DDoS attacks increased by nearly 24%, while the total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.


IP fragmentation is a process that breaks large packets into smaller packets to allow them to more easily traverse a network. The process is common in the DNS, which is predominantly UDP based.


If you’ve been perusing cryptocurrency forums or video-game news recently—or spying everything from New York Times job listings to zany Twitter threads claiming that the traditional job interview is about to be replaced by blockchain-based “quests, adventures and courses to prove your worth”—you might have run into the term “Web3.”


When Facebook announced last month that it was rebranding as Meta, CEO Mark Zuckerberg enthusiastically described the metaverse his company would soon build, promising it would be a world “as detailed and convincing as this one” where “you’re going to be able to do almost anything you can imagine.”


In a previous blog, we shared how Paragon™ Pathfinder plays an important role in closed-loop automation by tuning the paths of RSVP or Segment-Routed Traffic Engineered LSPs according to changing conditions that it observes in the live network.


HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans (RATs), and other payloads related to targeted attacks.


Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.


A state-sponsored threat actor allegedly affiliated with Iran has been linked to a series of targeted attacks aimed at internet service providers (ISPs) and telecommunication operators in Israel, Morocco, Tunisia, and Saudi Arabia, as well as a ministry of foreign affairs (MFA) in Africa, new findings reveal.


The aviation industry told the White House on Tuesday it will take “significant time” to ensure it is safe for major U.S. wireless companies to use C-Band spectrum for 5G communications.


If you are responsible for a web server, you already use Transport Layer Security (TLS, the ‘S’ in ‘HTTPS’) to protect your users from man-in-the-middle attackers that could otherwise passively sniff website cookies or actively inject malicious JavaScript.


ECDSA is a digital signature algorithm that is based on Elliptical Curve Cryptography (ECC). This form of cryptography is based on the algebraic structure of elliptic curves over finite fields.


As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak.


A few months ago, Proofpoint, a leading vendor of data loss prevention software, filed a lawsuit against a former employee for stealing confidential sales-enablement data prior to leaving for Abnormal Security, a market rival.


On November 15, 1971, Intel publicly debuted the first commercial single-chip microprocessor, the Intel 4004, with an advertisement in Electronic News.