SecurityWeek reports that the National Security Agency has released new Internet Protocol version 6 transition recommendations aimed at helping federal agencies address cybersecurity risks involving the shift to the newer internet protocol.
While both IPv6 and IPv4 share similar security issues, the Department of Defense and other system administrators may face new issues in IPv6, including the absence of mature configuration and network security tools, as well as inadequate administrator experience, according to the NSA. Expected dual-stack operation, or simultaneous IPv4 and IPv6 implementations, is also poised to raise cyber risks.
Federal and DoD network administrators have been urged by the NSA to leverage a Dynamic Host Configuration Protocol version 6 server for assigning addresses to hosts to avert concerns regarding stateless address auto-configuration privacy. The NSA also recommended against tunnel use for packet transporting in an effort to curb attack surface. Necessary IPv6 training and education should also be given to network administrators.
"While there are convincing reasons to transition from IPv4 to IPv6, security is not the main motivation. Security risks exist in IPv6 and will be encountered, but they should be mitigated with a combination of stringently applied configuration guidance and training for system owners and administrators during the transition," said the NSA.
SiliconAngle reports that mounting security alert fatigue has prompted Torq to introduce its new HyperSOC system based on its Hyperautomation Platform using artificial intelligence to enable security operation center response automation, management, and monitoring in a bid to bolster the investigation and remediation of cybersecurity threats.
Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, has been indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.