Latest news with #SeanLyons
Techday NZ
6 days ago
- Business
- Techday NZ
Akamai launches DNS solution for unified, multicloud security
Akamai Technologies has launched DNS Posture Management, a solution intended to provide unified, multicloud visibility and real-time monitoring for securing DNS infrastructure. The new product is described by Akamai as an agentless platform offering a consolidated view across a range of DNS providers. According to the company, this allows security teams to detect and respond to DNS-based attacks, certificate security risks, vulnerabilities and misconfigurations in real time. DNS is fundamental to network functionality, serving as the protocol for resolving domain names for computers, services, and other resources across the Internet and private IP networks. The critical nature of DNS has also made it a favourite target for cyberattacks such as spoofing, cache poisoning, and rogue certificate abuse. Many large organisations operate multiple DNS systems sourced from a mix of vendors to underpin both their internet and corporate network operations. Akamai notes that this complexity creates ongoing challenges for IT teams, who must keep DNS configurations current and in line with network changes, whilst maintaining proper security and performance settings. Outdated configurations or lapsed certificates can leave organisations exposed to risks, especially as requirements for post-quantum compliance increase. Security teams also contend with a high volume of alerts and complicated compliance obligations, which, if managed manually, risk allowing major issues to slip through unnoticed. Akamai asserts that automating compliance assessments and integrating these findings into incident management is now critical to efficient security processes. "DNS security often flies under the radar, but it's vital in keeping businesses secure and running smoothly," said Sean Lyons, SVP and General Manager, Infrastructure Security Solutions & Services, Akamai. "For many organisations, the challenge isn't setting up DNS - it's knowing whether all their systems are actually properly configured and secured. Those organisations really need a simple way to see what's happening across their DNS environment to take action quickly. That's the problem we're solving with DNS Posture Management. Security practitioners get a clear, unified view that helps them identify priority issues early, stay compliant, and keep their networks performing at their best." Akamai highlights that misconfigurations and known DNS vulnerabilities are common, potentially undermining uptime and reliability. Such issues also increase susceptibility to serious threats including unauthorised SSL/TLS certificate issuance, DNS spoofing, and cache poisoning. Attackers could exploit these weaknesses to create forged websites that mimic a company's branding for activities such as phishing, fraud, or data theft. In some cases, they may be able to render DNS servers inoperable, resulting in service outages for both the business and its customers. Continuous compliance monitoring is cited by Akamai as necessary to address these risks, especially given expanding regulatory expectations for DNS and certificate management. DNS Posture Management automates compliance checks aligned with standards such as NIST, PCI DSS, and HIPAA, aiming to simplify the process and reduce costs for enterprise users. The solution integrates a Certificate Monitor, designed to catalogue digital certificates by their associated domains and highlight security issues such as expired, misconfigured, or unauthorised certificates. An HTTP posture analysis capability is also included to assess domains utilising these certificates. DNS Posture Management supports coverage across major cloud and DNS providers, including Akamai Cloud, AWS, Microsoft Azure, and Google Cloud Platform. The product is positioned as a unified dashboard where security teams can view zones, domains, subdomains, and records in one place. An additional Managed Security Service is available from Akamai, intended to augment internal resources with continual global security expertise, which the company says is designed to help organisations maximise the benefits of DNS Posture Management.
1News
10-05-2025
- Climate
- 1News
Fake cyclone alerts being used in phishing scams
Cybersecurity officials and meteorologists are warning of an increase in phishing attempts masquerading as severe weather alerts, with false claims of a "massive" cyclone forming near New Zealand circulating online. One such post falsely claimed a large cyclone was forming in the Tasman Sea and heading towards New Zealand. It featured dramatic storm imagery and an outdated map of ex-Cyclone Uesi, which impacted the west of the South Island in 2020. In the comments section, a link directed users to an external website — a tactic commonly used to steal personal information or infect devices with malware. It comes as numerous genuine weather alerts were in force nationwide yesterday, with heavy rain and gale-force winds expected as two active fronts approached. Netsafe chief online safety officer Sean Lyons said the scam exploited a heightened state of awareness following a series of severe weather events in the past month, including a tornado in Levin, flooding thunderstorms in Auckland, and damage from Ex-Tropical Cyclone Tam. April ended with a deep low-pressure system that triggered states of emergency in several regions and brought Wellington its strongest winds in over a decade. "Using the weather shows how attuned they are to what's going on here," he said. Lyons said scams like these may be about harvesting the credentials of users and compiling a list of people susceptible to stories about a certain topic. "It's like a pre-qualifying list, so then you can go on and focus the real scam on a highly qualified list of people that you're pretty sure are going to feel the right kind of emotional tug. You're doing that with a much less scattershot approach, not sending out a million and getting one or two back, but crafting a couple of hundred and getting ten back." He warned people to be "extra cautious" when interacting with links like this online. "What seems to just be an innocuous click could actually be the start of somebody trying to target us for something an awful lot more frightening." The National Cyber Security Centre (NCSC) said the post was a form of phishing where scammers enticed readers to click a link by posting alarming fake news stories online. "Attackers are always looking for new ways to reach their targets, and it's not unusual for them to use times of crisis as opportunities to obtain funds and information from victims," an NCSC spokesperson said. They urged people to "pause and think before you click" and to treat unknown websites and requests for money or personal information cautiously. "Seek alternative sources for information and apply a degree of scrutiny to sites that are less well-known." MetService, the country's official provider of severe weather warnings, said there were no tropical cyclones present or forecast in the South Pacific. "If there is a threat of severe weather such as a cyclone, we will issue severe weather warnings as appropriate," a spokesperson said. They also provided some tips, including to check for a reference to MetService as the official provider of severe weather information, if dates were correct on any images used, and a cross check of the information with a trusted source.
1News
24-04-2025
- Business
- 1News
NZ banks to reimburse some scam victims up to $500,000
Banks will now be required to reimburse scam victims up to $500,000 if they fail to adequately warn and protect a consumer from a scam. The Banking Association has announced five new protections introduced to the Code of Banking Practice, which will be progressively rolled out over the next seven months. Where a bank fails to meet the five new commitments, institutions will compensate all or part of the loss for eligible customers. Banks will also retain the discretion to pay compensation beyond what is set out in the code. Banks would also continue to compensate losses for eligible customers when services are accessed without the customer's authority. Commerce and Consumer Affairs Minister Scott Simpson said the compensation scheme and stronger safeguards were an "important win for bank customers". "New commitments from banks mean that if a bank fails to adequately warn and protect a consumer from a scam, they will reimburse the victim up to $500,000," he said. NetSafe chief online safety officer Sean Lyons said stopping scammers requires a multi-faceted approach. (Source: Breakfast) He said banks would also take a more active role in preventing scams by participating in information-sharing agreements across industry and government and educating people. "While people still need to remain vigilant and take responsibility for their own online safety, these changes will enable consumers to check a payment is legitimate before transferring money," Simpson said. Similar expectations were made clear to telecommunications companies and digital platforms, which scam messages can be carried over. The scam protection commitments include: Confirmation of Payee service for customers to check that the name of the person they are paying matches the account number. This has already begun. Pre-transaction warnings to consumers based on the payment purpose. Identification of and response to high-risk transactions or unusual account transaction activity, and the ability to block or delay transactions in some cases. Providing a 24/7 reporting channel for customers who think they've been scammed, and responding to protect accounts. Sharing scammer account information with other banks to help prevent criminal activity, and freezing funds where appropriate. NetSafe chief online safety officer Sean Lyons told Breakfast that the announcement was "movement in the right direction". "What we're talking about is banks saying 'we will look at what we see as high-risk transactions, we will try and educate and inform individuals, we will allow them to contact us 24/7'. All of these things are definitely moves in the right direction to minimise the losses that New Zealanders are experiencing." He said dealing with scams was a "multifaceted thing" with lots of moving parts, which could be confusing for many people. "Knowing that people have a place to go and talk to, finding that advice is also a really key part to stopping people before they get caught in that scam." Lyons said it was hard to get an accurate picture of the amount of losses, as people feel a huge sense of shame and embarrassment about falling victim to scams. "We have to get past that idea that there's a 'type' of person that gets scammed. It's not an age, it's not a gender, it's not what you're doing. There's a scam out there that will hit you at the right time. "If it hits you at the right time, it's likely to have you fall for it. The scammers keep moving, they keep changing, they keep modifying what they do in order to make us not feel steady on our feet around these things,' he said. He said the banks sharing information with one another about bad actors was a great step forward. 'We need to be constantly changing what it is that we do to make the scam landscape as difficult and disruptive as we can for scammers and as easy to access support and help for New Zealand consumers."
