On the first pages of the Report, we can see that September numbers are very comparable to August data. Iran-based attackers moved away from top charts, and we see that addresses from the United States now take the lead in the HTTP minipot incidents records.
Safer Internet Day is celebrated in more than 180 countries around the world, always on the second Tuesday of February. This year, this day fell on February 7 and was celebrated for the 20th time. The coordinator of this day for the Czech Republic is the National Safer Internet Center, managed by the CZ.NIC Association.
In the Turris project, we are currently improving e-mail communication security. If you use our infrastructure for sending notifications from Turris devices, it also applies to you. It strengthens your protection but may “break” the redirection of messages to another address.
This article describes NXNSAttack, a newly discovered DNS protocol vulnerability which affects most recursive DNS resolvers. It allows to execute random subdomain attack using DNS delegation mechanism, resulting in big packet amplification factor.
You might have heard on some news sites about “critical” vulnerability in OpenWrt. You might be worried about how it affects is your Turris. That is the reason for quotes around the word critical. TLDR not applicable against Turris
Little bit of history
Apart from operating .CZ top level domain, CZ.NIC does a lot of other interesting things contributing to the common good. Part of it is running Czech national CSIRT team, doing security research and raising awareness about potential security issues. As part of our security research, we started wondering a long time ago how much are the average Joes and Janes attacked, by who and how. People that are just connected to the internet, run no public service and are just consumers. If only there was some kind of probe that would allow us to see what is going on there…
In September this year, the Czech Safer Internet Centre (CZ.NIC), in cooperation with the National Cyber and Information Security Authority, presented an online course called Digital Footprint, intended primarily for children aged 10-13. This interactive game focuses on Internet privacy and associated socio-pathological phenomena such as personal data abuse, sexting, digital privacy or cyberbullying.
During the development of the DNS Knot Resolver, CZ.NIC Labs have managed to reveal a security flaw that makes it possible to bypass DNSSEC security on F5 load balancers and cause denial of service. These products are being used, for example, in some internet banking applications, including those of Czech banks and public authorities. From the perspective of a user attempting to access an internet banking service, a successful attack exploiting this error would manifest in the browser suddenly reporting an “address not found” error and the service becoming unavailable.
The CZ.NIC Association joined the campaign – Family Offline Week with the subtitle “We are not afraid to be offline together“, which will be held this year from May 11 to May 19, 2019. The purpose of the 4th year of the campaign is not only to celebrate the International Family Day, on May 15, but above all to think about the excessive use of digital technology. The uncontrolled use of mobile phones, tablets and computers not only causes health problems but also worsens interpersonal relationships. Children from early age play with tablets and mobiles, often losing social contact with their peers.
In March, a delegation of experts from five different organizations focused on child safety on the Internet and personal data protection from Bosnia and Herzegovina visited our Association.