Cybersecurity

Sponsored
by

Cybersecurity / Featured Blogs

DNS Abuse Definition: Attributes of Mitigation

A substantial amount of DNS community discussion on the topic of DNS Abuse is focused on defining what is or is not DNS Abuse. The definition adopted by ICANN contracted parties, as well as the DNS Abuse Institute, is straightforward: DNS Abuse is malware, botnets, pharming, phishing, and spam where it's a vehicle for the preceding harms. There is, of course, some fuzziness on the margins, where technical harms are also using content. more

Euro 2020 Part Three: Domains (Revisited) and Other Channels

In this final article in the series of studies looking at Euro 2020-related infringements, we revisit domain name infringements and consider activity across other online channels, with a focus on social media and mobile apps. Following the original study, which looked at domains registered before May 2020 with names containing "euro2020" or "euro2021," we analyzed daily activity levels in the period immediately preceding and during the competition. more

It’s Time to Rethink Outage Reports

Much has been said about the criticality of the small coterie of large-scale content distribution platforms and their critical role in today's Internet. These days when one of the small set of core content platforms experiences a service outage, then it's mainstream news, as we saw in June of this year with outages reported in both Fastly and Akamai. In the case of Akamai, the June outage impacted three of Australia's largest banks, their national postal service, the country's reserve bank, and one airline... more

Euro 2020 Part Two: eCommerce Marketplace Activity

Following our previous article on the Euro 2020 football tournament that looked retrospectively at domain name registrations relating to the competition, this article considers activity on eCommerce marketplaces. For this study, our Discovery Engine technology was used to conduct a regular series of scans across key international online marketplaces. We monitored for listings (offers of sale) relating to Euro 2020 clothing and merchandise. more

The Importance of Understanding Attacker Target Selection

There's a bit of a debate going on about whether the Kaseya attack exploited a 0-day vulnerability. While that's an interesting question when discussing, say, patch management strategies, I think it's less important to understand attackers' thinking than understand their target selection. In a nutshell, the attackers have outmaneuvered defenders for almost 30 years when it comes to target selection. more

The Deeper Root Cause of the Fastly and Akamai Outages

As we finished this article, the world was hit by another global outage by content delivery network (CDN) provider, Akamai, on June 17, 2021. The cause seems to be related to the lack of capacity to a certain "routing table" of their distributed denial of service (DDoS) mitigation. Although the technical analysis is not yet available, the central premise of this article also applies to this incident, and it serves as a timely testimony. more

Euro 2020: An Illustration of the Link Between Real-World Events and Online Infringements

In the run-up to the postponed Euro 2020 football championships, we've analyzed historical registration trends in domains containing the terms "euro2020" or "euro2021." A number of previous studies -- looking at events as diverse as the COVID pandemic, the annual holiday season shopping events, and the Reddit campaign relating to the manipulation of the stock price of U.S.-based retailer GameStop -- show a link between real-world events and spikes in online activity. more

Phishing Scams: How to Spot Them and Stop Them

Phishing scams are nothing new in the online security world and show no signs of subsiding. The scam starts when a fraudster sends a communication purporting to originate from a trusted provider and encourages the recipient, often with a conveyed sense of urgency, to click a link. That link leads to a fake site, usually intended to collect confidential login credentials or other personal information. In similar scams, the mail may encourage the recipient to open an attachment loaded with malicious content. more

As DENIC’s CEO Jörg Schweiger Prepares to Step Down, He Speaks About His Time at DENIC

In January Jörg Schweiger, DENIC's CTO from 2007 to 2014 and CEO since 2014, announced he was stepping down from his position in December. It's been quite a ride, and the domain name industry has evolved quite a lot. So we asked Jörg a few questions about his time with DENIC and the changes he's seen... he came up with some insightful views on why he thought new TLDs missed a great opportunity to do something with "innovative new business models," the importance of security to DENIC... more

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more

Industry Updates

Insurance Companies Are The Target of Recent Cybersquatting Campaigns

Shopping Online for Toys Safely: Protecting Consumers in the Holiday Season

Are Cybersquatting Campaigns Targeting Airlines Taking Off?

Cybersecurity During the Busiest Shopping Days of the Year

GoDaddy Registry Podcast, Episode 6 – The Importance of the Next Round of TLD Applications for Brand Owners

DNS Record Contents: Are Organizations Giving Away More Than They Should?

As Global Internet Demands Skyrocket, Expert Share Advice on How to Optimize IT Infrastructure to Meet Modern-Day Challenges

With Rising Number of Cyberattacks, Businesses Have to Know How to Handle IP Address Abuse

Exposing an Active Kaseya Ransomware Attack Infrastructure

Exposing Rogue Free VPN Users – An OSINT Analysis

Root Certification Expiration: Is Your Business Continuity in Jeopardy?

Majority of World’s Largest Companies Susceptible to Phishing and Brand Abuse Due to Improper Domain Security

Upcoming Hollywood Movie Releases and Domain Registration Trends, Is There a Connection?

An Analysis of the Gaming Industry’s Domain Attack Surface

Phorpiex Botnet Extortion: DNS Facts and Findings