DNS Security

 Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   17,528

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   18,484

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   17,274

DNS Security / Most Commented

The Case Against DNSSEC

Aug 14, 2007

I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more

Defending Networks Against DNS Rebinding Attacks

Aug 09, 2007

DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more

Internet Governance in 2026: Sovereignty, Security, and the Limits of Multistakeholderism

Jan 04, 2026

As Internet governance fragments in 2026, authority shifts from open, multistakeholder forums to state-led security regimes, legal instruments, and alliance-based cooperation, challenging longstanding institutions and reshaping global norms through enforcement rather than consensus. more

Looking Ahead: ICANN’s Upcoming Policy on DNS Abuse Mitigation

Dec 12, 2025

ICANN is finalising a policy to curb DNS abuse, aiming to preserve internet stability while defending freedom of expression. With regulatory pressure mounting, the multistakeholder model faces a critical test. more

NANOG 95: From Faster Fibre to Route Leaks, Operators Face Old Problems with New Tools

Nov 29, 2025

The NANOG 95 conference spotlighted breakthroughs in fibre optics, wireless technology, routing security, and quantum computing, offering a forward-looking assessment of internet infrastructure and its vulnerabilities, as reported by APNIC's Geoff Huston. more

AWS Unveils Route 53 “Accelerated Recovery” to Bolster DNS Resilience

Nov 28, 2025

AWS is introducing Route 53 Accelerated Recovery to help organizations maintain DNS control during regional outages, offering a 60-minute recovery objective and sustained access to key API operations for critical updates and traffic management. more

DNS Under Strain: Technical and Policy Challenges in Supporting the Internet of Autonomous Things

Nov 03, 2025

A new IETF draft outlines critical limitations of DNS in supporting the Internet of Autonomous Things, highlighting challenges related to latency, mobility, security, and privacy, and proposing architectural improvements to meet evolving machine-driven demands. more

Preparing DNSSEC for the Post-Quantum Era

Oct 28, 2025

To prepare DNS security for a post-quantum future, Verisign and partners are testing new cryptographic strategies that balance security, performance, and feasibility, especially through the novel Merkle Tree Ladder mode for managing large signatures. more

eco and AV-Test Publish Monthly topDNS Reports for Internet Service Providers

Oct 15, 2025

eco's topDNS initiative and AV-Test are publishing monthly reports to help ISPs detect and mitigate DNS abuse by analysing malware, phishing, and PUA trends, creating a long-term data foundation for industry-wide transparency. more

Overcoming DNSSEC Challenges: A Guide for TLDs

Oct 14, 2025

Despite offering robust protection for the Domain Name System, DNSSEC suffers from poor adoption due to its complexity, cost, and operational risks. Automation and algorithmic improvements now offer practical solutions for broader deployment. more

Centralizing DNS Data for Security, Compliance, and Performance

Oct 02, 2025

Private DNS data lakes consolidate fragmented logs into a centralised platform, improving visibility, security, and compliance. They enable advanced analytics, strengthen threat detection, and help organisations optimise network performance in increasingly complex IT environments. more

14th Registration Operations Workshop Set for September 30, 2025

Sep 19, 2025

The Registration Operations Workshop (ROW), an informal gathering of DNS professionals, is set to continue its tradition of fostering technical dialogue and knowledge-sharing across the domain name ecosystem. more

Polish Presidential Veto Threatens Starlink Continuity in Ukraine

Aug 27, 2025

Earlier this week, Poland’s new President, Karol Nawrocki, vetoed amendments to the Act on Assistance to Citizens of Ukraine, provoking debate over critical satellite connectivity. Deputy Prime Minister and Minister of Digital Affairs Krzysztof Gawkowski warned that the veto “de facto switched off Starlink for Ukraine,” potentially disrupting connectivity for hospitals, schools, and government operations. more

The Edgemoor Research Institute and TWNIC Launch Project Jake to Advance DNS Security and Data Transparency

Aug 25, 2025

The Edgemoor Research Institute (ERI) and Taiwan's .TW Registry (TWNIC) have announced a three-year strategic partnership to enhance Domain Name System (DNS) data management and internet security. The collaboration focuses on joint research, data sharing, and capacity building, aiming to strengthen global internet infrastructure and governance. more

The Latest DNS Threat Landscape: Why CISOs Must Rethink Blocking Strategies

Aug 06, 2025

Cybercriminals live by the tenet "If it ain't broke, don't fix it." They'll use the same tactics repeatedly until they no longer work, then switch things up. That's why CISOs and their security teams maintain constant vigilance. Underscoring this, recent analysis of global DNS activity found that new domains continue to be a major tactic for bad actors. more

Industry Updates

Illuminating ShadyPanda DNS Infrastructure Facts

Mining for DNS Maxims: Top 10 Malware of Q3 2025

Thumbing Through the DNS Traces of TamperedChef

DNS Spotlight: New MITRE ATT&CK Group Entrants as of October 2025

A New DNS Validation Method for Simplified Certificate Automation

Hard Data on DDoS, DNS, and the Race for Resilience

Going DNS Deep Diving Into GhostCall and GhostHire

COLDRIVER’s MAYBEROBOT in the DNS Spotlight

Burrowing Into the Beamglea Campaign DNS Infrastructure

Chasing After RacoonO365 IoCs Using DNS and Domain Intelligence

Spelunking Into SVG Phishing: Amatera Stealer and PureMiner DNS Deep Dive

Global Domain Activity Trends Seen in Q3 2025

Scouring the DNS for Traces of the Hiddengh0st and Winos SEO Poisoning Campaign

Understanding DNSSEC: Best Practices and Implementation Challenges

False Positive Rate Reduced to 1.66% on WhoisXML API’s First Watch Malicious Domains Data Feed

View More