DNS Security

 Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   18,241

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   17,010

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   17,213

DNS Security / Most Commented

The DNSSEC “Onus of Reality Check” Shifted to gTLD Administrations by ICANN

Sep 09, 2006

Last month, there was an exchange of letters between a gTLD administration and ICANN about DNSSEC deployment. This gTLD administration is PIR or Public Interest Registry, the gTLD administration for the .org TLD. Interestingly, PIR is a non-profit organization that makes significant contributions to ISOC (Internet Society) initiatives: thus, both ICANN and PIR are organizations dedicated to the well-being of the Internet. more

DNSSEC Deployment at the Root

May 22, 2006

The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

Nov 20, 2002

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Industry Updates

A New DNS Validation Method for Simplified Certificate Automation

Hard Data on DDoS, DNS, and the Race for Resilience

Going DNS Deep Diving Into GhostCall and GhostHire

COLDRIVER’s MAYBEROBOT in the DNS Spotlight

Burrowing Into the Beamglea Campaign DNS Infrastructure

Chasing After RacoonO365 IoCs Using DNS and Domain Intelligence

Spelunking Into SVG Phishing: Amatera Stealer and PureMiner DNS Deep Dive

Global Domain Activity Trends Seen in Q3 2025

Scouring the DNS for Traces of the Hiddengh0st and Winos SEO Poisoning Campaign

Understanding DNSSEC: Best Practices and Implementation Challenges

False Positive Rate Reduced to 1.66% on WhoisXML API’s First Watch Malicious Domains Data Feed

Thumbing through the DNS Trail of the TAOTH Campaign

Deep Dive: 3 Lazarus RATs Caught in Our DNS Trap

Cross-Examining the CAPTCHAgeddon Brought on by ClickFix

A Deep Dive Into the GreedyBear Attack

View More