SHA-1 is deprecated but still used in DNSSEC, and this collision attack means that some attacks against DNSSEC are now merely logistically challenging rather than being cryptographically infeasible. —Tony Finch

Juniper Threat Labs discovered a family of Monero Miners that spreads through cloud storage providers such as OneDrive, Google Drive and Dropbox. It also has the ability to mutate or change itself to try to avoid detection. —Paul Kimayong

In April 2019 the Internet Society’s Online Trust Alliance (OTA) released its 10th Annual Online Trust Audit & Honor Roll. The Audit looks at the security and privacy practices of over 1,000 of the top sites on the Internet from retailers to governments. —Kenneth Olmstead

The decisions made by carriers, and their suppliers, on cloud RAN architectures will have big implications on the connection bandwidths needed in the 5G RAN and the systems required. —Simon Stanley

Security researchers observed that Ako ransomware is using malicious spam attachments to go after organizations’ networks. —David Bisson

By getting a mobile phone carrier to transfer a user’s phone number to a fraudster’s SIM card, the bad guys can access a variety of riches linked to a victim’s mobile phone. —Terry Sweeney

The gap between the performance of processors, broadly defined, and the performance of DRAM main memory, also broadly defined, has been an issue for at least three decades when the gap really started to open up. —Timothy Prickett Morgan

Back in 2017, the World Wide Web Consortium (W3C) approved the most controversial standard in its long history: Encrypted Media Extensions, or EME, which enabled Netflix and other big media companies to use DRM despite changes to browsers extensions that eliminated the kinds of deep hooks that DRM requires. —Cory Doctorow

If the update rate of BGP is growing faster than we can deploy processing capability to match, then the routing system will lose data, and at that point, the routing system will head into turgid instability. —Geoff Huston

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. —Bruce Schneier