DNS Security

Credential-Hinting Domain Names: A Phishing Lure?

As an attack vector, phishing has had several underlying purposes – e.g., delivering malware, stealing sensitive information, and defrauding victims. However, it looks like most phishing emails could be used to obtain user credentials according to the 2021 Annual State of Phishing Report by Cofense.

Industry Insights: Verisign, ICANN and Industry Partners Collaborate to Combat Botnets

Addressing DNS abuse and maintaining a healthy DNS ecosystem are important components of Verisign's commitment to being a responsible steward of the internet. We continuously engage with the Internet Corporation for Assigned Names and Numbers (ICANN) and other industry partners to help ensure the secure, stable and resilient operation of the DNS.

CSC Security Center – What It Can Do for You

CSC is currently the only provider in the market offering our unique tool giving complete oversight of your most business-critical assets - namely CSC Security Center. It gives you the ability to monitor proactively the security status of all of your vital domains, DNS, digital certificates - as well as receive email alerts of changes or potential risks as and when they happen.

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

A Domain Name System (DNS) blackhole is essentially a DNS server that gives false results for domain names. Also known as a "sinkhole server," an "Internet sinkhole," or a "DNS sinkhole," threat actors sometimes use DNS blackholes to redirect users to potentially harmful sites or pages.

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Addressing Domain Name System (DNS) abuse has been a priority of the Internet Corporation for Assigned Names and Numbers (ICANN), notably since March 2020. During its 70th conference, the organization's members talked about creating a web page defining DNS abuse-related terms, which should be updated over time, to help users report cases.

DNS Over HTTPS: Spanish Version of eco Discussion Paper on DoH Available

Throughout the history of the Internet, traditional DNS traffic - for example, when a user types a website name into a browser - has largely been unencrypted. The DNS over HTTPS (DoH) protocol, which first emerged in 2018, makes use of the well-known secure HTTPS web protocol to change that.

10 Common Digital Threats to Businesses

The year 2020 has created an increased impetus for change - especially as companies embrace digital transformation at an accelerated pace. Cybercriminals have also upped their game, switching their attention to hot targets such as healthcare and pharmaceutical brands.

Enriching IP Blacklists Using a Reverse IP/DNS Database

Every organization faces two kinds of cyber threats daily - "known" and "unknown" ones. Known threats are those that security experts have discovered, often published in blogs and major news outfits with accompanying indicators of compromise (IoCs). Unknown threats, meanwhile, are those that remain hidden to victims and researchers. IoCs for these have yet to be identified and disclosed.

CSC’s Research on Election-Related Domains Aligns with Recent FBI and CISA Warning

Following a public announcement from the FBI and CISA warning the public to avoid spoofed election-related internet domains, CSC announced research findings that show the overwhelming majority of registered typo domains related to the election are vulnerable.

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

David Conrad, CTO of The Internet Corporation for Assigned Names and Numbers (ICANN), recently presented a keynote during a webinar we collaborated on with other internet organizations. This post summarises his explanation of the domain name system (DNS) ecosystem, its vulnerabilities, and threat mitigations.