/ Featured Blogs

Beyond the Top Level: DNSSEC Deployment at ICANN 40

Apr 12, 2011

I recently wrote about the encouraging level of DNSSEC adoption among top-level domain name registries, and noted that adoption at the second level and in applications is an important next step for adding more security to the DNS. The root and approximately 20 percent of the top level domains are now signed; it is time for registrars and recursive DNS servers operated by the ISPs to occupy center stage. more

Unlimited Bandwidth is Disrupting Infrastructure Models

Apr 12, 2011

Over the last ten years we have heard a lot about edge-based services. These were needed to enable the operation of applications at the edge of the network, as the lack of available bandwidth capacity made it difficult to do so over the core network. However, with the prospect of limitless bandwidth the design of the network is changing again. more

Facts & Tips for Consumers About the Epsilon Breach

Apr 11, 2011

There has been a lot of talk, blogging, tweeting and press reportage about the Epsilon breach, but little in the way of concrete information to consumers as to where they stand, if their personal information (PII) such as their name and email address has been lost to criminals. The CAUCE Board of Directors have developed the following FAQ that provides facts and guidance for those affected by the breach. more

Privacy is a Growth Market in Search of Leadership

Apr 11, 2011

Within a single month, privacy has moved to the top of the "to-do" list for government, business and consumers. In fact, the confluence of activity is the best indication in the last ten years that the will exists to establish regulatory and self-governance programs that complement consumer protection. Privacy is a growth market. more

Real. Or. Phish?

Apr 11, 2011

After Epsilon lost a bunch of customer lists, I've been keeping an eye open to see if any of the vendors I work with had any of my email addresses stolen -- not least because it'll be interesting to see where this data ends up. Recently I got mail from Marriott, telling me that "unauthorized third party gained access to a number of Epsilon's accounts including Marriott's email list."... more

RIPE NCC Members Secure their Resources Using Certification

Apr 11, 2011

Resource certification verifies that an Internet number resource (IP address space or autnonomous system number) has legitimately been allocated by a Regional Internet Registry. It will also benefit every network operator and Internet user in the world by helping to ensure long-term routing stability. more

Are You Ready for the Mobile Revolution?

Apr 11, 2011

If there is one fundamental trend everyone can agree on in technology circles, it's the move to mobile. More and more online traffic is originating not from PCs, but from smart mobile devices. You can pick your research study to confirm -- recently I read that Tony White of Ars Logica is projecting that by next year 50% of all web traffic will be generated by mobile devices. That may be aggressive, but you get the idea. more

The Epsilon Phishing Model

Apr 09, 2011

Phishing researcher Gary Warner's always interesting blog offers some fresh perspective on clicking links on emails, as the crux of the phishing problem. Gary writes: "There is a saying 'if you give a man a fish, he'll eat for a day, but if you teach a man to fish, he can feed himself for a lifetime.' In the case of the Epsilon email breach the saying might be 'if you teach a man to be phished, he'll be a victim for a lifetime.' In order to illustrate my point, let's look at a few of the security flaws in the business model of email-based marketing, using Epsilon Interactive and their communications as some examples." more

Top Public DNS Resolvers Compared

Apr 07, 2011

At ThousandEyes, we've always been curious about the performance of various public DNS resolvers -- especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we'd share the results. Here's how we did it. more

ESP Compromises and Their Lack of Security

Apr 07, 2011

Over at Word to the Wise, Laura Atkins has a post up where she talks about the real problem with ESPs and their lack of internal security procedures which resulted in the breach of many thousands of email addresses (especially Epsilon). However, Atkins isn't only criticizing ESP's lack of security but also the industry's response wherein they have suggested countermeasures that are irrelevant to the problem.  more

Industry Updates

Uncovering DNS Details on Operation Celestial Force

Global DNS and Domain Activity Trends in Q2 2024

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

NIS2 and Its Implications for Global Brands

  • By CSC
  • Jul 05, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

IPv4.Global Commits to Keep Ukraine Connected

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

View More