What you missed: A major Internet security hole was finnaly plugged

The typical end-of-year security story generally involves a looming cyber threat or yet another major misstep by Microsoft. Well, there's good news on the security front this year - and, like our other picks, it's gone largely unnoticed. A major hole in security has been plugged with the full deployment of Domain Name System Security Extensions (DNSSec) at the Internet's authoritative root zone. (InfoWorld awarded one of the main drivers of fixing the flaw in its CTO 25 awards earlier this year, but little has been said since.)

The extensions will make it much more difficult for black hats to engage in cache poisoning, an attack that strikes at the fundamental nature of the Internet. "If you can't trust your DNS server, you can't trust anything," says Paul Smith, a senior analyst for Symantec's Hosted Services division.

DNSSec tries to prevent spoofing attacks by allowing websites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption.

The DNS was not originally designed with strong security mechanisms, and technological advances have made it easier to exploit vulnerabilities in the DNS protocol that put the integrity of DNS data at risk.

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules