7.4 C
London
Friday, November 24, 2017
Home Authors Posts by cyberparse

cyberparse

39640 POSTS 0 COMMENTS
Our purpose is to provide the right information to our readers. For obvious reasons, our information journey will of couse be ever changing, but from the outset we plan on the following: Break down and communicate knowledge relating to Cyber Crime, Cyber Security, Information Security and Computer Security. Use Risk Management practices to help in translating the technical aspects of the Risks, Threats and Vulnerabilities into business language. Communicate the appropriate Controls necessary to reduce the Impact and Probability. We will do this by: Identifying, collating and providing relevant information. Highlighting relevant News articles. Investigating trends and providing Analysis. Providing How-to tips and tricks to reduce the Threats and Vulnerabilities. Offering Products and Solutions designed to mitigate or defend against the risks. ------ Joe Woods, Editor and CTO

XCOM 2 delayed until 2016

2K Games and Firaxis on Friday announced that PC strategy game XCOM 2 has been delayed. The game was originally pegged to launch this fall, but it's now slated to arrive on February 5, 2016. "We've set a high bar for the sequel and the entire team ha...

Bungie teases Destiny: Taken King’s new raid, the game’s biggest ever

King's Fall, the new raid coming to Destiny with the upcoming Taken King expansion, is "objectively and emphatically" the shooter's biggest raid ever. That's according to The Taken King creative director Luke Smith, who talked more about King's Fall ...

iPhone 6S and iPhone 6S Plus: The features, specs, pricing and...

Top 3 news reading apps With the latest tech, getting news delivered to your phone is easier than ever. Here's a roundup of apps that are customizable and useful for getting the news.

Twitter sets goals toward making its workforce more diverse

On the heels of a similar move by Pinterest, Twitter has publicly released its hiring goals for improving the diversity of its workforce between now and 2016. The social network announced Friday that it's striving to boost representation in its overa...

Inside Google’s master plan for faster, sharper streaming video

MOUNTAIN VIEW, California -- We've all been there: After clicking or tapping a YouTube link, we're greeted with a long wait, then video marred by blurry details and distracting blocky patterns. Google has been trying to improve the situation with te...

Uber hires researchers who hacked Chrysler Uconnect

Charlie Miller, Chris Valasek reportedly hired to help secure self-driving cars.

R + L = J + ?: A new Jon Snow...

Enlarge Image Does Jon Snow have a secret twin sister that we don't know about? Maybe, according to this fan theory posted on Reddit. HBO/Helen Sloan Warning: Spoilers are coming. Only read this post if you're caught up on the "Game of Thrones" ser...

NYC taxis to compete with Uber

New York cab companies are set to launch an app of their own, one billion people visit Facebook in a day, Chrome sets end date for Flash support, and HTC's Vive VR headset is delayed.

Rocket League sells 1 million copies on Steam

Rocket League, a new sports-action game that is essentially soccer with cars, has undoubtedly been one of the hottest games of summer. Now, Valve and developer Psyonix have announced that the beloved game has sold more than 1 million copies for PC on...

Movie version of Borderlands game will take you back to Pandora

Enlarge Image Claptrap gets a makeover in Borderlands: The Pre-Sequel. The lovable-but-annoying robot will likely make an appearance in a just-announced Lionsgate "Borderlands" movie. 2K Get ready to embark on an epic journey to Pandora, travelers....

Pentagon announces Silicon Valley joint venture for wearables, warfare

Defense Department is always hunting down new ways to surveil and kill.

TA15-240A: Controlling Outbound DNS Access

Original release date: August 28, 2015Systems Affected Networked systems Overview US-CERT has observed an increase in Domain Name System (DNS) traffic from client systems within internal networks to publically hosted DNS servers. Direct client access to Internet DNS servers, rather than controlled access through enterprise DNS servers, can expose an organization to unnecessary security risks and system inefficiencies. This Alert provides recommendations for improving security related to outbound DNS queries and responses. Description Client systems and applications may be configured to send DNS requests to servers other than authorized enterprise DNS caching name servers (also called resolving, forwarding or recursive name servers). This type of configuration poses a security risk and may introduce inefficiencies to an organization.    Impact Unless managed by perimeter technical solutions, client systems and applications may connect to systems outside the enterprise’s administrative control for DNS resolution. Internal enterprise systems should only be permitted to initiate requests to and receive responses from approved enterprise DNS caching name servers. Permitting client systems and applications to connect directly to Internet DNS infrastructure introduces risks and inefficiencies to the organization, which include:Bypassed enterprise monitoring and logging of DNS traffic; this type of monitoring is an important tool for detecting potential malicious network activity.Bypassed enterprise DNS security filtering (sinkhole/redirect or blackhole/block) capabilities; this may allow clients to access malicious domains that would otherwise be blocked.Client interaction with compromised or malicious DNS servers; this may cause inaccurate DNS responses for the domain requested (e.g., the client is sent to a phishing site or served malicious code).Lost protections against DNS cache poisoning and denial-of-service attacks. The mitigating effects of a tiered or hierarchical (e.g., separate internal and external DNS servers, split DNS, etc.) DNS architecture used to prevent such attacks are lost.  Reduced Internet browsing speed since enterprise DNS caching would not be utilized.Solution Implement the recommendations below to provide a more secure and efficient DNS infrastructure. Please note that these recommendations focus on improving the security of outbound DNS query or responses and do not encompass all DNS security best practices.  Configure operating systems and applications (including lower-tier DNS servers intended to forward queries to controlled enterprise DNS servers) to use only authorized DNS servers within the enterprise for outbound DNS resolution.Configure enterprise perimeter network devices to block all outbound User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) traffic to destination port 53, except from specific, authorized DNS servers (including both authoritative and caching/forwarding name servers).  Additionally, filtering inbound destination port 53 TCP and UDP traffic to only allow connections to authorized DNS servers (including both authoritative and caching/forwarding name servers) will provide additional protections. Refer to Section 12 of the NIST Special Publication 800-81-2 for guidance when configuring enterprise recursive DNS resolvers. [1]References Secure Domain Name System (DNS) Deployment Guide Revision History August 28, 2015: Initial Release This product is provided subject to this Notification and this Privacy & Use policy.