Industry

The State of Phishing

Over the last three years, the Anti-Phishing Working Group's semiannual Global Phishing Survey has become a widely cited source of information about the state of phishing and its place in the Internet landscape. Afilias' Director of Domain Security, Greg Aaron, has been co-authoring these reports with Rod Rasmussen of Internet Identity, with the goal to show the community what phishers are doing and how anti-abuse measures are effective. more

Be Wary of Bogus Web Properties This Tax Season

The U.S. tax season began when the Internal Revenue Service (IRS) started accepting and processing 2021 tax returns on 24 January 2022. The deadline is set for 18 April 2022, and taxpayers expect to receive email notifications regarding penalties, refunds, and other tax-related issues more

Neustar UltraDNS Basic Launches Add-On Services for Website Monitoring and DNS Server Failover

Neustar Inc., a trusted, neutral provider of real-time information and analysis to Internet, telecommunications, entertainment, advertising and marketing industries, announced today two new add on services for UltraDNS Basic, the company's low-cost version of its managed DNS solution. more

How SIEM Vendors Can Reduce False Positives from Their Products

Organizations operating a security information and event management (SIEM) solution are struggling with one of the biggest problems in cybersecurity today: false positives. more

If I Have an SSL, Do I Need DNSSEC?

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. more

Verisign Achieves Critical DNSSEC Milestone by Deploying Security Extensions in .com TLD

Verisign, Inc. announced today that .com -- the Internet's largest domain with more than 90 million domain name registrations worldwide -- now supports DNS Security Extensions (DNSSEC).
 more

Thousands of Government-Related Subdomains Revealed in Subdomains Search

Elections and other events related to the government typically drive a great amount of Internet activity. Considering the domain name space, we found 4,197 subdomains related to the U.S. elections and the government in general. more

What Is the Current State of Malicious PPI Businesses and Affiliate Networks?

Pay-per-install (PPI) businesses and affiliate networks made for a booming cybercriminal underground market from 2008 to 2013. Buoyed by the proliferation of fake antivirus (FakeAV) peddlers, operators made staggering profits from the sale of rogue security software.
 more

Online Shopping Danger? 13K+ Cybersquatting Properties of Top E-Commerce Sites Discovered

AliExpress is among the most visited business-to-customer (B2C) e-commerce sites globally, with millions of visitors daily. Therefore, a recent cybersquatting campaign targeting the platform could lure many victims into buying counterfeit products, divulging their login credentials, downloading malware, and many other actions that could jeopardize their data and devices. more

Domain Registrar Selection: A Key Indicator of Overall Organization Security

This week, CSC and SecurityScorecard - the global leader in cyber security ratings for enterprise organizations - released an important piece of research in a whitepaper that shows a company's choice of domain registrar really does matter when it comes to cyber security. more

Tracing Connections to Rogue Software Spread through Google Search Ads

Taking control of victims' accounts is typically the end goal of many cybercriminals, and they never cease to come up with wily ways to do so. Bleeping Computer researchers recently spotted hackers spreading malware mayhem through Google search ads supposedly pointing to open-source software download sites. more

What Subdomains Lookup Revealed About Thousands of Microsoft-Related Subdomains

Microsoft is among the most imitated brands globally. Running the company's popular product and service names, such as LinkedIn, Office365, and Windows, on a subdomains lookup tool, we uncovered 7,900 related subdomains. more

Subdomain Lookup as Part of Cybersecurity Best Practices

Threat actors are always on the lookout for potential ways into target networks. And although the cybersecurity world has a lot on its radar already, subdomains are entry points that are not always easy to identify and may end up overlooked. more

DDoS Attacks: Top 10 Trends and Truths (Video)

DDoS experts recently participated in a webinar conducted by Neustar for a revealing discussion on how DDoS attacks are evolving and what to look for in 2012. Watch the following on-demand webcast. more

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Threat researcher Dancho Danchev recently uncovered 130 domains that seemingly belong to fake cryptocurrency sellers. The WhoisXML API research team sought to find potential connections to the threat by expanding the current list of indicators of compromise (IoCs) using our vast array of DNS intelligence sources. more