Freight firms will be urged to use Belgian ports if delays at Calais threaten vital drug shipments.
Most of us don’t think twice about installing software or updates from a trusted developer. We scrutinize the source site carefully to make sure it’s legitimate, and then we let the code run on our computers without much more thought. As developers continue to make software and webpages harder to hack, blackhats over the past few years have increasingly exploited this trust to spread malicious wares. Over the past week, two such supply-chain attacks have come to light.
The first involves VestaCP, a control-panel interface that system administrators use to manage servers. This Internet scan performed by Censys shows that there are more than 132,000 unexpired TLS certificates protecting VestaCP users at the moment. According to a post published last Thursday by security firm Eset, unknown attackers compromised VestaCP servers and used their access to make a malicious change to an installer that was available for download.
Poisoning the source
“The VestaCP installation script was altered to report back generated admin credentials to vestacp.com after a successful installation,” Eset Malware Researcher Marc-Étienne M.Léveillé told Ars. “We don’t know exactly when this happened, but the modified installation script was visible in their source code management on GitHub between May 31 and June 13.” VestaCP developer Serghey Rodin told Ars his organization is working with Eset to investigate the breach to better understand the attack.
What can we learn from recent success of the Root KSK Rollover? What is the status of DNSSEC deployment in parts of Europe – and what lessons have been learned? How can we increase the automation of the DNSSEC “chain of trust”? And what new things are people doing with DANE?
All these topics and more will be discussed at the DNSSEC Workshop at the ICANN 63 meeting in Barcelona, Spain, on Wednesday, October 24, 2018. The session will begin at 9:00 and conclude at 15:00 CEST (UTC+2).
The agenda includes:
- DNSSEC Workshop Introduction, Program, Deployment Around the World – Counts, Counts, Counts
- Panel: DNSSEC Activities
- Includes presenters from these TLDs: .DK, .DE, .CH, .UK, .SE, .IT, .ES, .CZ
- Report on the Execution of the .BR Algorithm Rollover
- Panel: Automating Update of DS records
- Panel: Post KSK Roll? Plan for the Next KSK Roll?
- DANE usage and use cases
- DNSSEC – How Can I Help?
It should be an outstanding session! For those onsite, the workshop will be room 113.
- WATCH LIVE: https://participate.icann.org/bcn63-113
- More info and slides are available from these URLs (ICANN’s online schedule system breaks it up into sections based on breaks and lunch):
Lunch will be served between the second and third sessions.
Thank you to our lunch sponsors: Afilias, CIRA, and SIDN.
Please do join us for a great set of sessions about how we can work together to make the DNS more secure and trusted!
If you would like more information about DNSSEC or DANE, please visit our Start Here page to begin.
Image credit: ICANN
The post Watch Live – DNSSEC Workshop on October 24 at ICANN 63 in Barcelona appeared first on Internet Society.
A new film about the British rock band Queen throws the spotlight on the East African archipelago’s famous son.