Hacker News with Generative AI: Internet Security

Mandatory short duration TLS certificates are probably coming soon (utoronto.ca)
The news of the time interval is that the maximum validity period for TLS certificates will be lowered to 47 days by March 2029, unless the CA/Browser Forum changes its mind (or is forced to) before then.
Security, TLS, Internet Security, Certificates, Technology
18 points by aragilar 12 days ago | 23 comments
OTF,which backs Tor,Let's Encrypt and more, sues to save funding from Trump cuts (theregister.com)
An organization that bankrolls various internet security projects has asked a Washington DC court to prevent the Trump administration from cancelling its federal funding – and expressed fears that if the cash stops flowing, the tools it supports could become harder to access.
Internet Security, Politics, Funding, Lawsuits
9 points by croes 31 days ago | 0 comments
Chaos in the Cloudflare Lisbon Office (cloudflare.com)
Over the years, Cloudflare has gained fame for many things, including our technical blog, but also as a tech company securing the Internet using lava lamps, a story that began as a research/science project almost 10 years ago. In March 2025, we added another layer to its legacy: a "wall of entropy" made of 50 wave machines in constant motion at our Lisbon office, the company's European HQ.
Technology, Cloudflare, Office Culture, Internet Security
282 points by jgrahamc 40 days ago | 139 comments
Cloudflare Analyzes Login Credentials (benjojo.co.uk)
Based on Cloudflare's observed traffic between September - November 2024, 41% of successful logins across websites protected by Cloudflare involve compromised passwords.
Security, Data Analysis, Internet Security, Password Security
6 points by dsr_ 40 days ago | 0 comments
Avoid ISP Routers (2024) (routersecurity.org)
In my opinion, you are safest using both a modem and a router that you purchased on your own. That is, avoid equipment from your ISP.
Networking, Internet Security, Hardware, ISPs
316 points by dp-hackernews 83 days ago | 204 comments
The Slow Death of OCSP (feistyduck.com)
Everybody is talking about OCSP now because, just last month, at the end of 2024, Let’s Encrypt announced it was going to stop supporting online certificate revocation checking.
Security, Certificates, Internet Security
66 points by speckx 86 days ago | 12 comments
The Internet is (once again) awash with IoT botnets delivering record DDoSes (arstechnica.com)
Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
Internet Security, DDoS Attacks, IoT Security
7 points by rntn 93 days ago | 0 comments
Backdooring your backdoors – Another $20 domain, more governments (watchtowr.com)
After the excitement of our .MOBI research, we were left twiddling our thumbs. As you may recall, in 2024, we demonstrated the impact of an unregistered domain when we subverted the TLS/SSL CA process for verifying domain ownership to give ourselves the ability to issue valid and trusted TLS/SSL certificates for any .MOBI domain.
Security, Domains, Internet Security, Cybersecurity, Research
14 points by notmine1337 108 days ago | 2 comments
Phishers Love New TLDs Like .shop, .top and .xyz (krebsonsecurity.com)
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.
Cybersecurity, Phishing, Domain Names, Internet Security
170 points by todsacerdoti 144 days ago | 209 comments
2024 U.S. Election: Exploring the Surge in Cyber Activity and Cyber Attacks (cloudflare.com)
Elections are not just a matter of casting ballots. They depend on citizens being able to register to vote and accessing information about candidates and the election process, which in turn depend on the strength and security of the Internet. Despite the risks posed by potential cyberattacks aimed to disrupt democracy, Cloudflare did not observe any significant disruptions to campaigns or local government websites from cyberattack.
Cybersecurity, Elections, U.S. Politics, Internet Security
6 points by emot 170 days ago | 0 comments
The Alarming Prevalence of Zone Transfers (reconwave.com)
We found that 8% of all nameservers still have zone transfers enabled for all authorized zones, potentially exposing sensitive information to malicious actors.
Security, DNS, Internet Security
11 points by olamoskae 186 days ago | 6 comments
Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack (cloudflare.com)
Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks.
Cybersecurity, DDoS Attacks, Cloudflare, Internet Security, Network Security
10 points by syck 206 days ago | 0 comments
Ephemeral IDs: a new tool for fraud detection (cloudflare.com)
In the early days of the Internet, a single IP address was a reliable indicator of a single user. However, today’s Internet is more complex. Shared IP addresses are now common, with users connecting via mobile IP address pools, VPNs, or behind CGNAT (Carrier Grade Network Address Translation). This makes relying on IP addresses alone a weak method to combat modern threats like automated attacks and fraudulent activity.
Fraud Detection, Security, Internet Security, IP Addresses
17 points by leiferik 215 days ago | 7 comments
White House Cyber Director Releases Roadmap to Enhance Internet Routing Security (whitehouse.gov)
Cybersecurity, Internet Security, Government, Technology, Policy
12 points by ChrisArchitect 234 days ago | 2 comments
White House's New Roadmap to Enhance Internet Routing Security [pdf] (whitehouse.gov)
Internet Security, Cybersecurity, Government, Policy
5 points by bobismyuncle 234 days ago | 2 comments
Malaysian ISPs Hijack Cloudflare/Google DNS Requests (torrentfreak.com)
Internet Security, DNS, Malaysia, ISPs
18 points by lcof 260 days ago | 1 comments
Phish-friendly domain registry ".top" put on notice (krebsonsecurity.com)
Cybersecurity, Domain Names, Internet Security
221 points by LinuxBender 276 days ago | 159 comments
Intent to end OCSP service (letsencrypt.org)
Security, Internet Security, Certificates, SSL/TLS
415 points by soheilpro 277 days ago | 143 comments
Cloudflare reports almost 7% of internet traffic is malicious (zdnet.com)
Cybersecurity, Internet Security, Cloudflare, Data Security
11 points by CrankyBear 283 days ago | 4 comments
FCC pushes ISPs to fix security flaws in Internet routing (arstechnica.com)
Internet Security, Regulation, Technology, Networking
12 points by foresto 323 days ago | 0 comments
US Post Office phishing sites get as much traffic as the real one (bleepingcomputer.com)
Cybersecurity, Phishing, Internet Security
66 points by gennarro 362 days ago | 20 comments
Hackers infect users of antivirus service that delivered updates over HTTP (arstechnica.com)
Cybersecurity, Antivirus Software, Internet Security, Data Breaches
48 points by LinuxBender 367 days ago | 2 comments
We ensure Cloudflare customers aren't affected by LE's certificate chain change (cloudflare.com)
Security, Cloudflare, Internet Security, Certificates, Let's Encrypt
36 points by stanleydrew 377 days ago | 16 comments