On 5 March 2024, the Grand Chamber of the Court of Justice of the European Union handed down a landmark judgment that was years in the making. The case is formally known as C 588/21 P, Public.Resource.Org and Right to Know v Commission. The Judgment of the Court is identified as ECLI:EU:C:2024:201. more
There have been a number of occasions when the Internet Engineering Task Force (IETF) has made a principled decision upholding users' expectations of privacy in their use of IETF-standardised technologies. (Either that, or they were applying their own somewhat liberal collective bias and to the technologies they were working on!) The first major such incident that I can recall is the IETF's response to the US CALEA measures. more
In his January 12 SpaceX update, Elon Musk said the biggest goal for Starlink from a technical standpoint is to get the mean latency below 20 ms. He expanded by saying that given the speed of light, 8 ms is the absolute minimum latency for a satellite at 550 km. He believes they can optimize terrestrial and inter-satellite links, and minimize queueing delays and dropped packets, to recude the the rest of the time to below 10 ms. more
I recently had the opportunity to speak on a podcast with Dave Bittner at CyberWire to discuss how .AI is giving cybercriminals a new avenue to take advantage of some of the largest companies in the world based on research findings from CSC's 2023 Domain Security Report. Below is a summary of the key points discussed during this podcast. more
There have been a number of occasions when the Internet Engineering Task Force (IETF) has made a principled decision upholding users' expectations of privacy in their use of IETF-standardised technologies. (Either that, or they were applying their own somewhat liberal collective bias to the technologies they were working on!) The first major such incident that I can recall is the IETF's response to the US CALEA measures. more
Last November, ICANN launched a ticketing system for those interested in obtaining domain name registration data ("WHOIS"). Titled Registration Data Request Service, or RDRS, the portal aims to direct requests for WHOIS data to participating registrars, who then decide whether or not to disclose the data. more
In the last year, the company that runs the Turkish Domain Registry has made many changes to how the extension is run. First, it has a brand new portal for registrars to interact with, liberalizing the extension .COM.TR, so registrants are no longer required to meet local presence rules, and it has launched a new dispute process to help brand holders recover domain names. more
As was the case in the US during World War II, civilian volunteers are making important contributions to the Ukrainian war effort. On February 8, 2022, the first truckload of Starlink terminals arrived in Kyiv. A week later they were being used. By April 2022, there were 5,000 terminals in Ukraine, and 42,000 as of April 2023. (At this point, SpaceX and Ukraine have gone silent. Neither ChatGPT4, Gemini, Copilot, Perplexity, nor I could not find a current terminal count). more
Satellites make it possible for governments to provide essential services, such as national defense, navigation, and weather forecasting. Private ventures use satellites to offer highly desired services that include video program distribution, telecommunications, and Internet access. The Russian launch of a satellite, with nuclear power and the likely ability to disable satellites, underscores how satellites are quite vulnerable to both natural and manmade ruin. more
Last month, the Russian state-sponsored hacking group "Midnight Blizzard" gained access to the email accounts of Microsoft leadership, even exfiltrating documents and messages. The group reportedly used a simple brute-force style attack to access a forgotten test account and then exploited the permissions on that account to access the emails of employees in the cybersecurity and legal teams. more
On February 12–13, 2024, the first round of the final consultations for a Global Digital Compact (GDC) took place online and offline at the UN Headquarters in New York City. Around 50 governments and 50 speakers from non-governmental institutions took the floor. It was not really a dialog; it was a formal presentation of three-minute statements. more
In the February 13th edition of the Wall Street Journal, Professor Thomas W. Hazlett offers a breathless endorsement of market concentration with the T-Mobile acquisition of Sprint, his go-to example. Apparently, mergers and acquisitions benefit consumers because they enhance competition and generate all sorts of positive outcomes that could not possibly have occurred but for the reduction in the number of industry players. more
An IPv4 address identifies your connection to the online world. IP addresses make it possible to host websites, manage secure communication, and engage in countless other essential, internet-related activities. Typically, when migrating to a new cloud provider, a business has only one path: lease the provider's IP addresses. But what if a business already has a block of IP addresses? more
This blog post and the associated report aim to provide an overview of DNS Abuse 1related issues the Governmental Advisory Committee (GAC), part of the ICANN multi-stakeholder model, has identified. We also summarize the relevant community activity taking place to address these areas of interest and highlight remaining gaps. From 2016 to June 2023, the GAC referenced four primary categories of activity related to DNS Abuse. more
The Internet Watch Foundation (IWF) leads the charge to combat child sexual abuse material (CSAM) online, and we at Public Interest Registry (PIR) are dedicated to supporting their efforts. We are honored to work with them across two important programs: Domain Alerts and TLD Hopping List. IWF services have been extremely successful in addressing CSAM on .ORG over the past five years more
The U.S. Federal Communications Commission (FCC) has updated the national broadband speed standard to at least 100Mbps download and 20Mbps upload speeds, marking the first adjustment since January 2015. more
The Council of European National Top-level domain Registries (CENTR) has issued recommendations to modify the EU's Financial Data Access Regulation proposal, warning about the potentially irreversible effects on European consumers and businesses. more
Multiple subsea cable breaks have significantly disrupted internet connectivity across South Africa, affecting a wide range of internet and cloud service providers and leaving thousands of users disconnected. more
A significant ransomware attack by a group known as AlphV or BlackCat has severely disrupted pharmacies across the U.S., affecting the delivery of prescription medications for over ten days. This attack on Change Healthcare has resulted in considerable difficulties for hospital pharmacies and nationwide drug distribution. more
The CENTR Global TLD Report 2024 highlights a modest growth in registered domains across the EU, with a notable increase in Poland, France, and Italy, primarily through their national ccTLDs. more
The United States, along with key global partners, has formally committed to principles guiding the development of 6G technology, as announced by the White House. This move comes amidst a strategic contest to shape the future of wireless communication standards, driven by concerns over authoritarian regimes exerting greater control over the internet within their borders. more
A series of underwater communications cables connecting Saudi Arabia and Djibouti have been rendered inoperative, an incident attributed to the actions of Yemen's Houthi rebels. This revelation comes from an exclusive report by the Israeli news outlet, Globes. more
China launched a notable 67 commercial rockets in a single year, marking a significant effort to catch up with the United States, which led with 116 launches, primarily for SpaceX's Starlink project. more
In a recently released paper by the Council of European National Top-level Domain Registries (CENTR), authored in collaboration with Chris Buckridge, the spotlight is once again on the multistakeholder approach to Internet governance. more
In a significant global operation, law enforcement agencies from 10 countries have severely disrupted the LockBit ransomware group, recognized as the most prolific and harmful cyber threat worldwide. more
In a significant service disruption early Thursday, AT&T's network experienced widespread outages, affecting cellular service and internet connectivity for users across the United States. According to the tracking site Downdetector, the issues began around 4 a.m. ET, with over 32,000 reports of outages, which surged to more than 71,000 by 8 a.m. ET. more
As governments convene to discuss the UN Cybercrime Treaty, Google is urging caution, warning that the current draft could endanger online security and free expression. more
Hackers have commandeered approximately three million smart toothbrushes, transforming them into a botnet for launching a DDoS (Distributed Denial of Service) attack against a Swiss company's website, causing significant financial losses. more
The U.S. has introduced a new visa restriction policy targeting individuals implicated in the misuse of commercial spyware. Secretary of State Antony Blinken announced that these restrictions would apply to those involved in, facilitating, or benefiting from the abuse of such technology. more
Mozilla is launching Mozilla Monitor Plus, a premium service priced at $8.99 per month annually, promising to detect and remove users' personal information from over 190 data broker sites. more
A DNSSEC failure plunged hundreds of Russian-language websites into darkness on Tuesday evening, rendering .ru and .рф domains inaccessible. The outage affected users both within and outside Russia, with major platforms such as Tinkoff Bank, Avito, Wildberries, Yandex, and MTS experiencing disruptions. more
The Internet Corporation for Assigned Names and Numbers (ICANN) is considering the introduction of a new top-level domain (TLD) named .INTERNAL. Unlike traditional TLDs, .INTERNAL is designed exclusively for internal use, akin to the private IPv4 block 192.168.x.x. more
The U.S. National Security Agency (NSA) has confirmed acquiring Americans' internet browsing information without warrants through commercial brokers, according to a letter from NSA Director Paul Nakasone to Senator Ron Wyden. more
The world of the Internet mourns the loss of a pioneering force, as Dave Mills, a luminary in the realm of computer networking, passed away on January 17, 2024, at the age of 86 (announced by Vint Cerf). A trailblazer and visionary, Mills played a pivotal role in shaping the very foundations of the interconnected world we inhabit today. more
ICANN, the organization overseeing the Domain Name System, has announced a $10 million grant initiative to propel projects supporting "the growth of a single, open and globally interoperable Internet." The first application cycle for grants is set to open in March 2024. more
Sponsored byRadix
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byWhoisXML API
The Citizen Lab recently uncovered an ongoing online propaganda campaign they have dubbed "PAPERWALL" that has been targeting local news outlets across 30 countries in Europe, Asia, and Latin America. more
The passage provided features an interview with Chad Silverstein and Jack Hazan, who is the Executive Vice President at Hilco Streambank. Hazan oversees the operations of Hilco’s IPv4.Global business division. more
VexTrio, a traffic distribution system (TDS) provider believed to be an affiliate of ClearFake and SocGholish, among other threat actors, has been active since 2017. more
In the past, DarkGate attacks were either lumped together with or classified as BattleRoyal remote access Trojan (RAT) attacks. Recent evidence, however, showed the two malware are not one and the same. more
Among the latest to suffer from zero-day exploitation is Ivanti, a software company providing endpoint management and remote access solutions to various organizations, including U.S. federal agencies. more
Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019. However, WhoisXML API threat researcher Dancho Danchev posits that parts of its backend infrastructure may remain traceable. more
New kids on the cybercrime block, pig butchering scams, have been making waves lately, and it is not surprising why. Scammers have been earning tons from them by being able to trick users into investing in seemingly legitimate business ventures but losing their hard-earned cash instead. more
In the digital age, where every device, from smartphones to fridges, connects to the Internet, the topic of IP addresses becomes increasingly relevant. An IP address, a unique identifier for devices on the Internet, has seen its fair share of evolution from IPv4 to IPv6. Yet, the question lingers: Are unused IPv4 addresses a hidden treasure? more
RisePro, a malware-as-a-service data stealer, has been plaguing users since 2022. ANY.RUN recently discovered and analyzed its latest version in great depth and identified 10 indicators of compromise (IoCs) -- three domains and seven IP addresses. more
CSC, an enterprise-class domain registrar and world leader in mitigating domain security, domain name system (DNS), and digital brand threats, today announces its partnership with NetDiligence®, a leader in cyber risk readiness and response solutions for the cyber insurance industry. more
The Sea Turtle threat group recently made headlines when it expanded its operations to target ISPs and telecommunications and media companies in the Netherlands. In the past, Sea Turtle primarily targeted organizations in the Middle East and the U.S. using DNS hijacking and man-in-the-middle (MitM) attacks. more
The OilRig cyber espionage group that goes by many names, including APT34, Crambus, Lyceum, and Siamesekitten, launched a long-term intrusion against a Middle Eastern government agency that ran from February to September 2023. more
Radix has launched a free branding tool for creators who use link-in-bio services. The new tool transforms clunky and ordinary links-in-bio (or bio-links) such as ‘linktr.ee/johndoe123’ into branded links such as ‘www.johndoe.online’ for free. more
Cybercriminals are known for using so-called "loaders" like Xloader to initiate computer infections. Worse, even newbies can now get their hands on these malware distributors via hacker forums. Case in point? JinxLoader, one of the latest malicious offerings up for grabs on the likes of hackforums[.]net. more