Security News

The fix for BGP's weaknesses has big, scary, issues of its own, boffins find
2024-10-02 06:31

Bother, given the White House has bet big on RPKI – just like we all rely on immature internet infrastructure that usually works The Resource Public Key Infrastructure (RPKI) protocol has...

White House thinks it's time to fix the insecure glue of the internet: Yup, BGP
2024-09-03 22:34

Better late than never The White House on Tuesday indicated it hopes to shore up the weak security of internet routing, specifically the Border Gateway Protocol (BGP).…

Breaking down FCC’s proposal to strengthen BGP security
2024-08-07 03:30

In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC's proposal requiring major U.S. ISPs to implement RPKI Route Origin Validation, and addresses concerns about the impact on smaller ISPs and the global implications of U.S.-mandated changes. Regulatory mandates on BGP security could impose significant burdens on smaller ISPs, particularly regarding their ability to adapt to emerging security standards.

Cloudflare blames recent outage on BGP hijacking incident
2024-07-05 18:41

Internet giant Cloudflare reports that its DNS resolver service, 1.1.1.1, was recently unreachable or degraded for some of its customers because of a combination of Border Gateway Protocol hijacking and a route leak. The incident occurred last week and affected 300 networks in 70 countries.

FCC takes some action against notorious BGP
2024-06-07 22:29

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
2024-01-05 10:01

Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack...

Hacker hijacks Orange Spain RIPE account to cause BGP havoc
2024-01-03 19:44

Orange Spain suffered an internet outage today after a hacker breached the company's RIPE account to misconfigure BGP routing and an RPKI configuration. "Resource Public Key Infrastructure is a cryptographic method of signing records that associate a BGP route announcement with the correct originating AS number," explains a Cloudflare article on RPKI. By enabling RPKI with a routing body such as ARIN or RIPE, a network can cryptographically certify that only routers under their control can advertise an AS number and their associated IP addresses.

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software
2023-05-02 14:26

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol that could be weaponized to achieve a denial-of-service condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms.

All Dutch govt networks to use RPKI to prevent BGP hijacking
2023-04-09 15:21

Standardization Forum in the Netherlands, a research and advising organization that serves the public sector on the use open standards, announced that all communication devices managed by the Dutch government must use the RPKI standard by 2024. RPKI certificates are stored centrally and kept public, allowing network providers from anywhere in the world to validate internet traffic routes.

Facebook, Instagram, and WhatsApp back online after BGP fix
2021-10-04 22:44

Facebook, Instagram, and WhatsApp are starting to come back online after a BGP routing issue caused an over five-hour worldwide outage. As explained by Giorgio Bonfiglio, a Principal TAM at Amazon AWS, various Facebook routing prefixes had suddenly disappeared from the Internet's BGP routing tables, effectively making it impossible to connect to any services hosted on their IP addresses.