Cyberattack

Blogs

Endpoint Rollbacks & Data Shadow Copies

Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more

Key Findings from the 2021 Domain Security Report

With cybercrime on the rise, companies in 2021 have experienced increased ransomware attacks, business email compromise (BEC), phishing attacks, supply chain attacks, and online brand and trademark abuse. While domain cyber risk is rising, the level of action being taken by Forbes Global 2000 companies to improve their domain security posture has remained unchanged, leaving these companies exposed to even more risk. The risk of not addressing your domain security can be catastrophic. more

It’s Time to Rethink Outage Reports

Much has been said about the criticality of the small coterie of large-scale content distribution platforms and their critical role in today's Internet. These days when one of the small set of core content platforms experiences a service outage, then it's mainstream news, as we saw in June of this year with outages reported in both Fastly and Akamai. In the case of Akamai, the June outage impacted three of Australia's largest banks, their national postal service, the country's reserve bank, and one airline... more

The Importance of Understanding Attacker Target Selection

There's a bit of a debate going on about whether the Kaseya attack exploited a 0-day vulnerability. While that's an interesting question when discussing, say, patch management strategies, I think it's less important to understand attackers' thinking than understand their target selection. In a nutshell, the attackers have outmaneuvered defenders for almost 30 years when it comes to target selection. more

New Research Indicates Nearly 80% of Top US Energy Companies Are at Serious Risk for Cyberattacks

In light of the Biden administration's recent efforts in protecting critical infrastructure from cyber threats, new research from CSC indicates that a majority of the top energy companies in the U.S. are vulnerable to attack due to shortcomings in their online operations. Specifically, these organizations are vulnerable to domain name and domain name system (DNS) hijacking and phishing attacks based on their lack of effective domain security. more

Cybersecurity, an Essential Weapon in the Cyberwarfare to Protect Our Democracy

We see the problems that we are facing within an increasingly digital society and economy. We cannot go backward; the only way forward is to ensure that this new digital environment is made as safe as possible from a personal, social, political and economic perspective. We are currently struggling on these fronts. Unfortunately, we have now clearly entered a situation of cyber warfare. States now use digital technologies to impose and undermine ideologies. more

What Are the Connections to Identified Hafnium Malicious IP Addresses?

Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks. With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to? more

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity. more

78% of Cybersecurity Professionals Expect an Increase in DNS Threats, Yet Have Reservations

A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks. more

Notes from NANOG 81

As the pandemic continues, the network operator community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting... Ethernet, developed in 1973 at Xerox PARC, was a revolutionary step in network architectures in many ways. The common bus architecture imposed several constraints on the network that have echoed through the ensuing four decades in all kinds of ways. more

3 Most Scary Attacks that Leaked Personally Identifiable Information (PII) of Millions of Users

Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more

Clarivate Domain Survey Reveals a 10% Increase in Cyberattacks

Clarivate has once again surveyed global business leaders about the importance of domain names to their organizations, including the role of domains as intellectual property (IP) assets. The 2020 survey followed up on our 2019 survey, revealing key year-over-year trends in how organizations manage, secure and budget for domain names. In this blog, we review key trends from the new report. more

Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more

Protecting an Enterprise from Cyber Catastrophe

We are suffering an epidemic of cyberattacks while in a viral pandemic. This post is for those who have responsibility for assuring that the IT-based services offered by their enterprise can quickly recover in the case of successful cyber-attack or other disaster. University of Vermont Medical Center (UVMMC) is an excellent hospital. I owe my life to treatment there and am grateful for both the skill and the kindness of UVMMC staff. They have been devastated by a cyber-attack. more

Cybersecurity Considerations in the Work-From-Home Era

Verisign is deeply committed to protecting our critical internet infrastructure from potential cybersecurity threats, and to keeping up to date on the changing cyber landscape. Over the years, cybercriminals have grown more sophisticated, adapting to changing business practices and diversifying their approaches in non-traditional ways. We have seen security threats continue to evolve in 2020, as many businesses have shifted to a work from home posture due to the COVID-19 pandemic. more

News Briefs

Close to Half of US East Coast Fuel Supply Shutdown Due to Ransomware Cyberattack

DDoS Attacks Are Surging Both in Frequency and Sophistication

Over 360 Security Experts Around the World From Group to Combat COVID-19 Hackers, Protect Hospitals

U.S. Health Agency Suffers From Cyberattack, COVID-19 Disruptions by Foreign Actors Suspected

Microsoft Takes Legal Action Against North Korean Cybercrime Group, Takes Down 50 Domains

More Than 500 Schools in the U.S. Hit by Ransomware in 2019, Says Report

27 Countries Issue Joint Statement on ‘Advancing Responsible State Behavior in Cyberspace’

Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

Ransomware Causes 15 Schools in Arizona To Stay Closed For a Second Day

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

A 60% Rise Reported on Malware Designed to Harvest Consumers’ Digital Data, aka Password Stealers

Equifax Announces Comprehensive Consumer Settlement for the 2017 Data Breach

Florida Cities Are Paying Hundreds of Thousands of Dollars in Ransom to Get Their Data Back

State-Sponsored Cyberattack Against Telecom Providers Is Targetting Data on Specific Individuals

US Launches Cyberattack Against Iran’s Military IT Systems

United States Steps Up Digital Incursions Into Russia’s Electric Power Grid, According to NYT

Notorious Hacker Group XENOTIME Expands Its Targeting Beyond Oil and Gas to Electric Utility Sector

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

Most Viewed

Most Commented

Industry Updates

With Rising Number of Cyberattacks, Businesses Have to Know How to Handle IP Address Abuse

Exposing an Active Kaseya Ransomware Attack Infrastructure

An Analysis of the Gaming Industry’s Domain Attack Surface

Phorpiex Botnet Extortion: DNS Facts and Findings

Beyond Hafnium Attacks: An Expansion of IoCs Related to 3 APT Clusters

What’s the Domain Attack Surface of the Top 10 Most Impersonated Brands in Q2 2021?

Could the LGBTQ Community Be a Target of Internet Threat Actors?

WhoisXML API Upgraded Its Web Categorization Engine

A Glimpse of Big Telcos’ Domains and Subdomains Footprints

Hidden Botnet C&C on Legitimate Infrastructure? The Case of 000webhostapp[.]com

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

A List of Potential Attack Artifacts for the Top 3 Phished Brands in 2020

A Look at Recent Attacks on K-12 Distance Learning Providers Using Domain Intelligence

How to Monitor IP Netblocks for Possible Targeted Attacks

Blind Eagle Targeted Attack: Using Threat Intelligence Tools for IoC Analysis and Expansion

Participants – Random Selection