DNS

Log4j Vulnerability: What Do the IoCs Tell Us So Far?

A zero-day vulnerability found in Log4j, a logging library commonly used in Java, was detected on 9 December 2021. The vulnerability known as "CVE -- 2021 -- 44228" or "Log4Shell" enables attackers to execute codes and access all data on an infected machine remotely.

Are Mypressonline.com’s Free Subdomain Creation Services Being Abused?

It’s not uncommon to see free web hosting providers get abused as part of phishing campaigns. IBM X-Force Exchange, in fact, published three indicators of compromise (IoCs) related to such an incident.

Locky Ransomware: Still a Threat as List of IoCs Grows

Locky has been around since 2016, contributing to the total amount lost to ransomware worldwide, which has to this day reached US$20 billion in the U.S. alone. It usually gets delivered to users’ computers via emails with malicious attachments in the form of macro-laden Word documents.

Verisign Domain Name Industry Brief: 364.6 Million Domain Name Registrations in Q3 2021

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2021 closed with 364.6 million domain name registrations across all top-level domains, a decrease of 2.7 million domain name registrations, or 0.7%, compared to the second quarter of 2021.

Facebook Is Now Meta, Will Threat Actors Ride the Wave?

Facebook CEO Mark Zuckerberg, on 28 October in Connect 2021, introduced Meta, which will be Facebook’s parent company, along with the organization’s various apps and technologies. According to Zuckerberg, "Meta’s focus will be to bring the metaverse to life and help people connect, find communities, and grow businesses."

Are Banks and Their Customers Once Again at Risk of Typosquatting Woes?

A typosquatting campaign targeting U.S. Bancorp was uncovered a few weeks ago, potentially posing a threat to the financial institution and its customers. As of this writing, four domains and their IP resolutions were identified as indicators of compromise (IoCs).

Cybersecurity During the Busiest Shopping Days of the Year

The holiday season is just around the corner, and with that, shoppers are starting to make their lists. According to an Adobe Report, the 2020 holiday season exceeded $188 billion in online sales in the United States alone, an increase of 32% compared with 2019.

DNS Record Contents: Are Organizations Giving Away More Than They Should?

There are several directions an organization can take when naming critical digital properties. A classic tactic is using a common theme, such as pet names, planets, or colors. A CTO suggested naming database nodes after “Game of Thrones (GoT)” characters. Taking this route makes for an obscure naming system that would be difficult for third parties to guess.

Continuing Danger for Internet Users – Unavailable Whois Data and DNS Abuse

As we approach our third year of living with ICANN's Temporary Specification, civil and criminal investigators still can't find suspected perpetrators' contact data, nor can they depend upon enlisting the help of registries and registrars to abate abuse consistently and quickly. The result? Unsuspecting internet users remain at risk, and there is no end to this dilemma in sight.

Phorpiex Botnet Extortion: DNS Facts and Findings

The Phorpiex botnet has been operating for years now. It first focused on distributing old-school worms that spread via infected USB drives or through chats that relied on the Internet Relay Chat (IRC) protocol.