Featured Blogs

Latest

I Don’t Need a Signature to Know It’s Going to Be Bad…

There was a period of time not long ago in which signature-based threat detection was cutting-edge. Antivirus, intrusion detection systems (IDS), data leakage prevention (DLP), content filtering and even anomaly detection systems (ADS) all continue to rely heavily upon static signatures. In recent years vendors have shied away from discussing their dependence on such signatures -- instead extolling supplemental "non-signature-based" detection technologies. more

Fake Bank Site, Fake Registrar

In our continuing review of Rogue Registrars we have stumbled upon on a very elaborate fake banking site for "Swiss Bank" or "Bank of Switzerland". To the casual Internet consumer this site probably appears legitimate, but a number of clues tip off the fraud. Phishing sites are everywhere so this does not immediately raise eyebrows until you review the Thick WHOIS record for the domain. more

DNS Changer

One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more

Spectrum Key to Broadband Utility

The explosion in mobile communications in the developing world has created social and economic changes that have exceeded all expectations and predictions -- even those made as recently as five years ago. There are still countries lagging behind, but now is the time to move on to the next stage -- and that means broadband. Already the developed world is showing an enormous appetite for mobile broadband, so the demand is most certainly there. The rapid development of low cost Smartphone, projected to approach $50 soon... more

Wither WHOIS!: A New Look At An Old System

No, that title is not a typo. The WHOIS service and the underlying protocol are a relic of another Internet age and need to be replaced. At the recent ICANN 43 conference in Costa Rica, WHOIS was on just about every meeting agenda because of two reasons. First, the Security and Stability Advisory Committee put out SAC 051 which called for a replacement WHOIS protocol and at ICANN 43, there was a panel discussion on such a replacement. The second reason was the draft report from the WHOIS Policy Review Team. more

Household Botnet Infections

Pinning down the number of infected computers is really, really hard. I'd go as far as saying it's practically impossible to calculate, let alone observe. Still, that's not going to stop people from attempting to guess or extrapolate from their own observations. Over the years I've heard "reliable" numbers ranging from 10% through to 60% -- and I don't trust any of them. There's a whole gaggle of reasons why the numbers being thrown out to the public are inaccurate and should ideally be interpreted with a lot of skepticism by any right-minded folks. more

Microsoft Disrupts the Zeus Infrastructure

Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say "botnet", I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was). Rather, Zeus is a tool kit that online criminals can buy that lets them create phishing pages, perform fast fluxing, host drive-by downloads in addition to spamming. It's more like infrastructure than a botnet, although it does have a large botnet under its control. more

A Gap in the New gTLD Applicant Guidebook?

I strongly believe there is a serious "breach" in the Applicant Guidebook: I checked the scoring, I checked the possible objections, I am aware of the Governmental Advisory Committee (GAC) early warning but I really could not find how ICANN is going to avoid Community applications to be submitted as Standard ones. The role of ICANN is to offer a solution to launching new generic Top-Level Domains, it is no party in saying whether a new gTLD is a Community or not. more

The Internet Monopoly

People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more

ICANN and the Red Cross: An Exceptional Exception

ICANN's policy on the special protection of the Red Cross and the International Olympic Committee (IOC) names has triggered a very lively discussion including contributions by Konstantinos Komatis, Milton Muller, Wolfgang Kleinwächter, and myself (with Avri Doria's reply). There is an agreement that the exceptions are dangerous for ICANN's gTLD policy process which is in a formative and delicate phase. more

The Journey of IPv6 Implementation 9 Months Later

ICANN 43 in Costa Rica was in the heart of IPv6 implementation with everybody touching on how much it was needed as part of the internet ecosystem to fully utilize the ICANN expansion of the new gTLD namespace from 21 to the maximum number that will manage to get delegated at the beginning of 2013. more

NASA Teething Troubles Teach a DNSSEC Lesson

On January 18, 2012, Comcast customers found they could not access the NASA.gov website. Some users assumed that Comcast was deliberately blocking the website or that NASA, like Wikipedia and Reddit, was participating in the "blackout" protests against the Stop Online Piracy Act (SOPA) going on that day. As it turned out, the truth was much less exciting, but it offers important lessons about DNSSEC. more

Achieving a Cyber-Reliant Infrastructure

Don't worry about the bad guys turning out the lights. Worry about everything they're stealing while the lights are still on. The theft of intellectual property ranging from Hollywood films to defense secrets is underway by cyber-criminals of various stripes. Maintaining control over intellectual property may be the single most important challenge to American economic security. Implementing a cyber-reliant infrastructure is a national challenge which crosses the traditional boundaries between economic sectors and between public and private domains. more

The Case for Trademark Protection for Top Level Domains

The United States Patent and Trademark Office currently does not provide Trademark protection services for the Top Level Domain industry, an industry which generates almost $1 Billion in revenues annually in the United States. The Top Level Domain industry is the only legal business class in the United States that is denied constitutionally guaranteed intellectual property protections... The lack of Trademark Protection for the Top Level Domain industry has greatly increased the amount of uncertainty associated with the ICANN Application Process for new Top Level Domains. more

Email Delivery Challenges Increasing

Return Path published their most recent Global Deliverability report this morning. It shows that inbox placement of mail has decreased 6% in the second half of 2011. This decrease is the largest decrease Return Path has seen in their years of doing this report... Filters are getting more sophisticated. This means they're not relying on simply IP reputation for inbox delivery any longer. more

Topics

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days