{"title":"Encrypted DNS: The good, the bad and the moot","authors":"G. Kambourakis, Georgios Karopoulos","doi":"10.12968/s1361-3723(22)70572-6","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70572-6","url":null,"abstract":"Every connection to an Internet service requires a Domain Name System (DNS) lookup. Nevertheless, similar to other protocols used since the early days of the Internet, DNS was not designed with trust and security in mind. From a bird's eye view, the DNS threat model boils down to two types of attackers: off-path ones who can transmit packets but cannot observe the traffic, and on-path who sit either between the client and the recursive resolver, or between the recursive resolver and the DNS servers, and can read or modify packets.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"48 16 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83411268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How SMEs can prevent third-party vendor data breaches","authors":"Oliver Pinson-Roxburgh","doi":"10.12968/s1361-3723(22)70574-x","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70574-x","url":null,"abstract":"Small businesses are born from passion, personality and a will to grace the world with unique products or services. But in an increasingly digital world, they're built and sustained on practicalities such as having a functional website, providing punctual customer support or efficiently managing finances. Technical skills – and especially security – are unlikely to be one of your core competencies. But if you outsource it, are you really in control?","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72521399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cloud – buzzword or business plan?","authors":"P. Wragg","doi":"10.12968/s1361-3723(22)70575-1","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70575-1","url":null,"abstract":"","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"71 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78139519","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The age of holistic consolidation and automation of cyber security","authors":"Tim Wallen","doi":"10.12968/s1361-3723(22)70571-4","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70571-4","url":null,"abstract":"Solution saturation is plaguing the cyber security market. Technology has driven the security strategy for security teams for far too long, which only compounds the problem, leaving them with too many tools, and with cross-functionality and gaps remaining in their security posture. Organisations need to shift the way they think about their cyber security challenges and how they can overcome them.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"2012 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86427219","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Securing the API economy","authors":"T. Spencer","doi":"10.12968/s1361-3723(22)70570-2","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70570-2","url":null,"abstract":"Application programming interfaces (APIs) are an example of technological advances that continue to play a vital role in our digital experience. But while APIs present ample opportunity for growth, managing user data creates an increased responsibility to ensure the safety of API-enabled transactions, and data breaches aren't made easier by the presence of APIs in an app's software architecture.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"16 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82146540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How government bodies can lead the field on data management and privacy","authors":"J. Fielding","doi":"10.12968/s1361-3723(22)70569-6","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70569-6","url":null,"abstract":"","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"48 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73290082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"RATs in the cloud: gaining access to container environments","authors":"Assaf Morag","doi":"10.12968/s1361-3723(22)70567-2","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70567-2","url":null,"abstract":"Misconfigured UI tools can allow access and control over cloud-native environments. This article looks at the techniques that threat actors use to exploit UI tools for their benefit.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"122 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74463506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The who, what, why and when of data protection impact assessments","authors":"Nigel Jones","doi":"10.12968/s1361-3723(22)70566-0","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70566-0","url":null,"abstract":"Despite their importance, misunderstandings about Data Protection Impact Assessments (DPIAs) are a common stumbling block for many businesses. So what do you need to know about them?","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"30 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74178379","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identifying the changing faces of international fraudsters","authors":"Sam Ranieri","doi":"10.12968/s1361-3723(22)70563-5","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70563-5","url":null,"abstract":"Businesses are exploring new frontiers in e-commerce, with lucrative growth opportunities opening all over the globe. The acceleration of online buying, fuelled by the pandemic, means that retailers are scrambling to serve a rapidly expanding global customer base. It's clear that consumers everywhere have quickly adapted to e-commerce but accompanying this huge evolution in consumer demand are emerging fraud threats, designed to exploit vulnerabilities in the digital ecosystem.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"12 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89362995","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
