DNS Security

DNS Security / Featured Blogs

ICANN 56 in Helsinki - Schedule of DNSSEC Activities

Jun 25, 2016

The ICANN 56 meeting takes place in Helsinki, Finland, from June 27-30 and while it is a smaller "policy forum" style of meeting, there will still be some activities related to DNSSEC, DANE and DNS security in general. DNSSEC Workshop The DNSSEC Workshop will take place on the morning of Monday, 27 June 2016. All times are Eastern European Summer Time (EEST), which is UTC+3. more

The Path to DNS Privacy

May 26, 2016

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. more

Increasing the Strength of the Zone Signing Key for the Root Zone

May 06, 2016

One of the most interesting and important changes to the internet's domain name system (DNS) has been the introduction of the DNS Security Extensions (DNSSEC). These protocol extensions are designed to provide origin authentication for DNS data. In other words, when DNS data is digitally signed using DNSSEC, authenticity can be validated and any modifications detected. more

Call for Participation - DNSSEC Workshop at ICANN 56 in Helsinki, Finland on 27 June 2016

Apr 28, 2016

Do you have an idea for an innovative use of DNSSEC or DANE? Have you recently deployed DNSSEC or DANE and have some "lessons learned" that you could share? Did you develop a new tool or service that works with DNSSEC? Have you enabled DNSSEC by default in your products? (And why or why not?) Do you have ideas about how to accelerate usage of new encryption algorithms in DNSSEC? more

DNS and Stolen Credit Card Numbers

Apr 20, 2016

FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more

Asia-Pacific Job Opening: Join Internet Society Deploy360 Programme to Promote IPv6, DNSSEC, More

Apr 20, 2016

Do you live in the Asia-Pacific region and are interested in accelerating the deployment of key technologies such as IPv6, DNSSEC, TLS or secure routing mechanisms? If so, my Internet Society colleagues involved with the Deploy360 Programme are seeking a "Technical Engagement Manager" based somewhere in the AP region. Find out more information about the position, the requirements and the process for applying. more

ICANN Fails Consumers (Again)

Apr 15, 2016

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face. more

My Top Takeaways from DNS-OARC 24

Apr 06, 2016

The 24th DNS-OARC meeting was held last week in Buenos Aires -- a two-day DNS workshop with amazingly good, consistent content. The programme committee are to be congratulated on maintaining a high quality of presentations. Here are my picks of the workshop. They fall into three groups, covering themes I found interesting... These presentations related to the ongoing problem of DNS as a source of reflection attacks, or a victim of attempted DDoS... more

The Path Toward Increasing the Security of DNSSEC with Elliptic Curve Cryptography

Mar 29, 2016

How do we make DNSSEC even more secure through the use of elliptic curve cryptography? What are the advantages of algorithms based on elliptic curves? And what steps need to happen to make this a reality? What challenges lie in the way? Over the past few months we've been discussing these questions within the community of people implementing DNSSEC, with an aim of increasing both the security and performance of DNSSEC. more

DNSSEC Workshop Streaming Live from ICANN 55 in Marrakech on Wednesday, March 9, 2016

Mar 09, 2016

What is the current state of DNSSEC deployment around the world and also in Africa? How can you deploy DNSSEC at a massive scale? What is the state of using elliptic curve crypto algorithms in DNSSEC? What more can be done to accelerate DNSSEC deployment? Discussion of all those questions and much more can be found in the DNSSEC Workshop streaming live out of the ICANN 55 meeting in Marrakech, Morocco, on Wednesday, March 9, from 9:00 to 15:15 WET. more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Looking for More Signs of Nitrogen in the DNS

Thoughts on RDRS for Brand Owners

  • By CSC
  • May 13, 2024

Unraveling the World of Security Data Aggregation

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Hunting for TimbreStealer Malware Artifacts in the DNS

Uncovering Suspicious Download Pages Linked to App Installer Abuse

View More