DNSSEC Key Signing Key Rollover Postponed

Original release date: September 29, 2017

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced that the change to the Root Zone Key Signing Key (KSK) scheduled for October 11, 2017, has been postponed. A new date for the…

Original release date: September 29, 2017

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced that the change to the Root Zone Key Signing Key (KSK) scheduled for October 11, 2017, has been postponed. A new date for the Key Roll has not yet been determined.

DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is an important part of preventing domain name hijacking. Updating the DNSSEC KSK is a crucial security step, similar to updating a PKI Root Certificate. Maintaining an up-to-date Root KSK as a trust anchor is essential to ensuring DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector. Systems of organizations that do not use DNSSEC validation will be unaffected by the rollover.

Users and administrators are encouraged to review ICAAN announcement KSK Rollover Postponed and the US-CERT Current Activity on DNSSEC Key Signing Key Rollover for more information.

US-CERT will provide additional information as it becomes available.


This product is provided subject to this Notification and this Privacy & Use policy.


Darknet 2017-09-29 05:54:51

It seems to be non-stop lately, this time it’s Deloitte Hacked, which has also revealed all kinds of publically accessible resources that really should be more secure (VPN, RDP & Proxy services).

The irony is that Deloitte positions itself as a …

Deloitte Hacked – Client Emails, Usernames & Passwords Leaked

It seems to be non-stop lately, this time it’s Deloitte Hacked, which has also revealed all kinds of publically accessible resources that really should be more secure (VPN, RDP & Proxy services).

The irony is that Deloitte positions itself as a global leader in information security and offers consulting services to huge clients all over the planet, now it seems they don’t take their own advice. Honestly this is not all that uncommon, it’s human nature to leave your own stuff last as it doesn’t directly impact revenue or value (until you get hacked).

Read the rest of Deloitte Hacked – Client Emails, Usernames & Passwords Leaked now! Only available at Darknet.

Mozilla Releases Security Updates

Original release date: September 28, 2017

Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR 52.4 and Firefox 56. A remote attacker could exploit some of these vulnerabilities to take control of an affected …

Original release date: September 28, 2017

Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR 52.4 and Firefox 56. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox ESR 52.4 and Firefox 56 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Cisco Releases Security Updates

Original release date: September 27, 2017

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages u…

Original release date: September 27, 2017

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.