DNS Security

Blogs

Registrar Influence on the Domain Security Posture of the Forbes Global 2000

In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more

Cryptocurrency and DNS: Phishing Domains, Cryptomining and More

When we look at the intersection of cryptocurrency and domain data, we see something insidious: The prevalence of crypto-related threats. And it's not just cryptojacking. It's not even the use of cryptocurrency which has made ransomware attacks easier for threat actors to commit and all the more widespread. As with nearly every trend, there is always someone looking to capitalize on it and use it for their own, personal gain. Ever since cryptocurrency became the pandemic hobby of choice, threat actors have begun to target crypto novices for their schemes. more

What Is the Domain Name Expiry Cycle and Why Should You Know About It?

Domain names are registered by the thousands every day. In July 2021, 236,336 domains were newly registered daily on average across all top-level domains (TLDs). Tens of thousands were also newly expired. Other months could be just as busy. "Newly registered" and "newly expired." Those are two terms I often get questions about. Newly registered domains are domains that someone just reserved, typically through a registrar or web hosting company. Newly expired domains, meanwhile, are those domains that someone had reserved but decided to let go for one reason or another. more

DNS Abuse Definition: Attributes of Mitigation

A substantial amount of DNS community discussion on the topic of DNS Abuse is focused on defining what is or is not DNS Abuse. The definition adopted by ICANN contracted parties, as well as the DNS Abuse Institute, is straightforward: DNS Abuse is malware, botnets, pharming, phishing, and spam where it's a vehicle for the preceding harms. There is, of course, some fuzziness on the margins, where technical harms are also using content. more

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more

DNS Level Action to Address Abuses: New Tools for DNS Operators and Legislators

The ways in which the Internet is embedded in our daily lives are too varied and numerous to catalogue. The Internet delivers information, access to goods, services, education, banking, social interaction and, increasingly, work space. The global pandemic has only heightened our dependence on the online world, which is why efforts to ensure that the Internet remains a trusted and secure environment are more important than ever. more

Your Cybersecurity is Only as Strong as Your Weakest Vendor

Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more

10th Registration Operations Workshop (ROW), June 8th, 2021, Online

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 10th ROW will be held online on Tuesday, June 8th, 2021 at 13h00-17h00 UTC. Click to learn more about the discussion topics and registration details. more

Vendor Selection Matters in the Domain Registrar Ecosystem

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company's website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC). more

Some Thoughts on the Recent DNS Operations, Analysis, and Research Centre Workshop, OARC-35

The DNS Operations, Analysis, and Research Centre (DNS-OARC) convened OARC-35 at the start of May. Here are some thoughts on a few presentations at that meeting that caught my attention... These days it seems that the term "the digital economy" is synonymous with "the surveillance economy." Many providers of services on the Internet spend a lot of time and effort assembling profiles of their customers. These days, it's not just data in terms of large-scale demographics but the assembling of large sets of individual profiles.  more

“It’s Always DNS!” Why DNS Is the Biggest Single Point of Failure in the New Norm

Many in the network security field may be familiar with the phrase: "It's always DNS."  This is a popular meme within the industry, often making reference to the internal domain name system (DNS), the dynamic host configuration protocol (DHCP) part of a company's online network, that whenever there is a network issue, it's always an issue with DNS. more

New Research Indicates Nearly 80% of Top US Energy Companies Are at Serious Risk for Cyberattacks

In light of the Biden administration's recent efforts in protecting critical infrastructure from cyber threats, new research from CSC indicates that a majority of the top energy companies in the U.S. are vulnerable to attack due to shortcomings in their online operations. Specifically, these organizations are vulnerable to domain name and domain name system (DNS) hijacking and phishing attacks based on their lack of effective domain security. more

Could Bulk-Registered Typosquatting Domains Be Connected to .ORG DNS Abuse?

Public Interest Registry (PIR) announced the creation of the DNS Abuse Institute about two months ago as it believes that "every .ORG makes the world a better place" and "anything that gets in the way of that is a threat," notably in the form of Domain Name System (DNS) abuse. To show support for the initiative, WhoisXML API analyzed monthly typosquatting data feeds for December 2020, January 2021, and February 2021 to identify .ORG domain trends... more

The Path to Combatting Domain Abuse

Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it's meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact. more

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity. more

News Briefs

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

Security Researcher Dan Kaminsky Has Died

PIR Launches New Institute to Combat DNS Abuse

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

Microsoft Announces Plans to Adopt DoH in Windows

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Leading Domain Registries and Registrars Release Joint Document on Addressing ‘DNS Abuse’

The U.S. House Judiciary Committee Is Investigating Google’s Plans to Implement DNS Over HTTPS

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

ICANN Makes Urgent Call for Full Deployment of Domain Name System Security Extensions (DNSSEC)

ISC Assesses DNS Flag Day

Global DNS Record Manipulation, Hijacking Campaign at Massive Scale Linked to Iran

ICANN Facing Critical Choice for Plan to Change DNS Cryptographic Key

Large-Scale Study by Security Researchers in China Sheds Light on the Scope of DNS Interception

Russia in Talks to Create Independent DNS

IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

Most Viewed

Most Commented

Industry Updates

Participants – Random Selection