DNS Security

DNS Security / Featured Blogs

Evolution of the Dot Brand Domains in 5 Years

Aug 28, 2017

ICANN's last new gTLD application closed in 2012 with more than 600 brands applying for their dot brand. Dot brand domains associate a keyword or keyphrase and a brand name in a complete domain name... To understand better how the evolution of the dotBrand has been throughout these years, number of websites launched, redirects, registries etc, Dot Brand Observatory prepared a few visual graphics.

Probability of ROI and Tighter Network Security by Blocking Malicious Subdomains

Aug 23, 2017

Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot?

CAICT Holds ICANN 59 China Internet Community Readout Session

Jul 25, 2017

In afternoon of 14th July, the China Academy of Information and Communication Technology (CAICT) and ICANN Beijing Engagement Center jointly held the ICANN 59 China Internet Community Readout Session. Mr. Zhang Ya, Deputy Director of Information and Communication Authority under the Ministry of Industry and Information Technology (MIIT), made his presence and gave opening remarks on the meeting. Over 40 representatives from the Cyberspace Administration, the Ministry of Foreign Affairs, domain name registries and registrars, industrial organizations, institutes and universities participated in the seminar.

Watch LIVE: ICANN 59 DNSSEC Workshop - June 26 at 7:00am UTC

Jun 26, 2017

Want to learn more about DNSSEC deployment challenges? Interested in learning about a DANE middlebox for HTTPS? Curious about how the upcoming DNSSEC Root Key Rollover will affect systems? And have you heard about the CDS and CDNSKEY records for DNS? What are they -- and what impact will they have on ICANN policies?

Call for Participation - DNSSEC Workshop at ICANN 59 in Johannesburg

May 09, 2017

Do you have ideas about DNSSEC or DANE that you would like to share with the wider community? Have you created a new tool or service? Have you found a way to use DNSSEC to secure some other service? Do you have new statistics about the growth or usage of DNSSEC, DANE or other related technology? If so, and if you will be in Johannesburg, South Africa, for ICANN 59 in June 2017 (or can get there), please consider submitting a proposal to speak at the ICANN 59 DNSSEC Workshop!

ICANN Complaint System Easily Gamed

Mar 14, 2017

ICANN's WDPRS system has been defeated. The system is intended to remove or correct fraudulently registered domains, but it does not work anymore. Yesterday I submitted a memo to the leadership of the ICANN At-Large Advisory Committee (ALAC) and the greater At-Large community. The memo concerns the details of a 214-day saga of complaints about a single domain used for trafficking opioids.

And the Wait Continues for .Corp, .Home and .Mail Applicants

Mar 13, 2017

On 6 March 2017, ICANN's GDD finally responded to an applicant letter written on 14 August 2016 to the ICANN Board. This was not a response from the ICANN Board to the letter from 2016 but a response from ICANN staff. The content of this letter can best be described as a Null Response. It reminded the applicants that the Board had put the names on hold and was still thinking about what to do.

Here is the DNSSEC Activity at ICANN 58 in Copenhagen March 12-15, 2017

Mar 06, 2017

Want to learn more about the current state of DNSSEC? Want to see demos of new software to secure email? Curious about the potential impact of the Root Key Rollover happening this year? Next week in Copenhagen, Denmark, ICANN 58 will include some great technical info about DNSSEC and DANE happening in several sessions. Here is the plan...

At the NCPH Intersessional, Compliance Concerns Take Centre Stage

Feb 23, 2017

The non-contracted parties of the ICANN community met in Reykjavík last week for their annual intersessional meeting, where at the top of the agenda were calls for more transparency, operational consistency, and procedural fairness in how ICANN ensures contractual compliance. ICANN, as a quasi-private cooperative, derives its legitimacy from its ability to enforce its contracts with domain name registries and registrars...

The Root of the DNS

Feb 15, 2017

Few parts of the Domain Name System are filled with such levels of mythology as its root server system. Here I'd like to try and explain what it is all about and ask the question whether the system we have is still adequate, or if it's time to think about some further changes. The namespace of the DNS is a hierarchically structured label space. Each label can have an arbitrary number of immediately descendant labels, and only one immediate parent label.

Industry Updates

Global Domain Activity Trends Seen in Q3 2024

A DNS Investigation into Mamba, the Latest AitM Phishing Player

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Examining the DNS Underbelly of the Voldemort Campaign

2024 Domain Intelligence Study of 6 APT Groups Notorious for Targeting Europe

Stripping Down the BlackSuit Ransomware Network Aided by DNS Data

A DNS Deep Dive into the NetSupport RAT Campaign

Tracking the DNS Footprint of the Polyfill Supply Chain Attackers

Study by WhoisXML API Explores IDNs, Native-Language Characters, and Homograph Attacks

The Extended Reach of the Extension Trojan Campaign in the DNS

Inspecting Konfety’s Evil Twin Apps through the DNS Lens

Hunting for U.S. Presidential Election-Related Domain Threats in the DNS

A Closer Look at the Meduza Stealer through a DNS Deep Dive

July 2024: Domain Activity Highlights

View More