Weekend Reads 121622

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022.

Since 2019, unpatched ESXi servers have been targets of ongoing in-the-wild attacks based on two vulnerabilities in the ESXi’s OpenSLP service: CVE-2019-5544 and CVE-2020-3992.

In many cases, once a high-risk security vulnerability has been identified in a product, a bigger challenge emerges: how to identify the affected component or product by its assigned name in the National Vulnerability Database (NVD).

A developer’s cryptographic signing key is one of the major linchpins of Android security. Any time Android updates an app, the signing key of the old app on your phone needs to match the key of the update you’re installing.

Hashing is one of the pillars of cybersecurity. From securing passwords to sensitive data, there are a variety of use cases for hashing.

Cloud gaming needs wide access to 5G networks to thrive. Performance requirements for streaming the latest AAA titles on mobile devices are already high and are likely to increase as the industry adopts AR and VR devices, with the future growth of AR and VR devices also incentivizing telecom providers to bundle and/or upsell.

Did you know over 93% of all malware employs DNS as a mechanism to identify and contact its command and control (C2) to receive instructions? This is why a truly holistic cybersecurity strategy must include protection from malicious domains.

Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters.

The software industry is making headway against a group of pernicious vulnerabilities that are responsible for the vast majority of critical, remotely exploitable, and in-the-wild attacks, software-security experts said this week.

PCI DSS 4.0 was released in March 2022 and will replace the current PCI DSS 3.2.1 standard in March 2025. That provides a three-year transition period for organizations to be compliant with 4.0.

Arista Networks has a new high-end data-center switch as well as several smaller ones designed to provide more configuration and upgrade choices to fit the specific needs of individual organizations.

However, I’m going to ask an awkward question, one that has been burning in my mind for a while. What really happens to that data once you click “delete” on a cloud service?

Ofcom’s data shows that 97 percent of UK homes now have access to superfast broadband, defined as a downstream connection of 30 Mbps or more. While 27 percent of those who can access superfast broadband have yet to take up such services, Ofcom doesn’t seem particularly keen to persuade them to do so.

The European Telecommunications Standards Institute (ETSI) has unveiled a new Industry Specification Group (ISG) to undertake preliminary work on the potential use of terahertz frequencies in 6G communications.

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors.