Networking

Instead of just launching distributed denial-of-service attacks, cyber-attackers have started hijacking domain names and redirecting traffic from legitimate sites to malicious ones.

The hacker group Anonymous recently managed to hijack the Domain Name System record for CBS.com and redirected all traffic to another Web server that displayed an empty directory structure. It appeared as if the contents of CBS.com had been wiped, but it was actually a different server altogether. CBS.com managed to regain control of its domain after the DNS poisoning attack.

Anonymous- the hacktivist group, recruited unwitting accomplices during their latest cyber attack against the US Department of Justice (DoJ), revealed a prominent security researcher, Graham Cluley, according to whom the group initiated distributed denial of service (DDoS) attack against DoJ in retaliation for a ban on Megaupload.

Contrary to conventional wisdom, a significant number of applications running on enterprise networks do not pass through port 80, so securing just that port does not protect the network, according to a recent report.

Application traffic analyzed by Palo Alto Networks in its semi-annual Application Usage and Risk Report found that 35 percent of the applications on enterprise  networks never use port 80 when communicating with the outside world, Matt Kiel, senior research analyst at Palo Alto Networks, told eWEEK.

The PROTECT IP Act continued to suffer serious blows on Thursday as both the Senate Majority Leader and the Senate Minority Leader made moves that further damaged the anti-piracy bill's chances of passage. Senate Majority Leader Harry Reid (D-NV) will not seek to use his leverage over other Democrats to ensure the Protect IP Act gets enough votes to overcome a filibuster. Meanwhile, Senate Minority Leader Mitch McConnell (R-KY) joined other Republican senators in blasting Reid for rushing the legislation to the Senate floor.

Will 2012 be the year when U.S. retailers, banks and content providers finally bolster their DNS systems with an add-on security measure that prevents Web site spoofing? That's what advocates of the security measure - dubbed DNSSEC for DNS Security Extensions - are hoping will occur.

Cybersecurity experts are urging IT departments to invest in DNSSEC now - before a high-profile attack occurs that could have been prevented by readily available DNSSEC-compliant appliances, software and services.

The special interests behind the Stop Online Piracy Act and the Protect IP Act are in full retreat, throwing the bills' most controversial provisions overboard in a desperate attempt to stop the entire bill from sinking. Realizing that proposals to create a DNS-based blacklisting scheme had become politically radioactive, the bills' sponsors—Rep. Lamar Smith (R-TX) and Sen. Patrick Leahy (D-VT), respectively—have pledged to drop these provisions. On Tuesday, even the Motion Picture Association of America declared that DNS filtering was "off the table" for this year's legislation.

Domain Name System Security Extensions (DNSSECs), which have been mandated for all .gov sites and are moving into the commercial Internet, protect DNS servers against hacking and other malicious acts. Unfortunately, it's very complex. The new Sandia tool will make it easier for IT staff to deal with it.

ICANN, the organization responsible for managing and coordinating the Domain Name System (DNS) to ensure that every address is unique and that all users of the Internet can find all valid addresses, announced its continued intent to open up the DNS with new generic top-level domains (TLDs), with one of the categories of top-level domains that would include brand names and other words.

The controversial decision could add more than 1,000 Internet suffixes (.sport, .Microsoft, etc.) each year.

In an effort to provide secure Internet environment in the country, DoT is mulling to set-up a pan-India secure network with an estimated cost of Rs 450 crore, providing a fool-proof infrastructure for telecom and internet communication exclusively for government use.

If your IPv6 strategy is to delay implementation as long as you can, you still must address IPv6 security concerns right now.

If you plan to deploy IPv6 in a dual-stack configuration with IPv4, you're still not off the hook when it comes to security. And if you think you can simply turn off IPv6, that's not going to fly either.