DNS Security

DNS Security / Featured Blogs

The Path to Combatting Domain Abuse

Mar 29, 2021

Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it's meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact. more

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Mar 25, 2021

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity. more

Notes from the DNS Privacy Workshop at NDSS 2021

Mar 10, 2021

For many years the consuming topic in DNS circles was that of the names themselves. If you wind the clock back twenty years or so, you will find much discussion about the nature of the Internet's namespace. Why were there both generic top-level labels and two-letter country codes? If we were going to persist with these extra-territorial generic country codes in the namespace, then how many should there be? Who could or should manage them? And so on. more

78% of Cybersecurity Professionals Expect an Increase in DNS Threats, Yet Have Reservations

Feb 24, 2021

A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks. more

An Institute to Combat DNS Abuse

Feb 17, 2021

Over the last few years, it's become clear that abuse of the Domain Name System -- whether in the form of malware, botnets, phishing, pharming, or spam -- threatens to undermine trust in the Internet. At Public Interest Registry, we believe that every new .ORG makes the world a better place. That means anything that gets in the way of that is a threat, and that includes DNS Abuse. more

Information Protection for the Domain Name System: Encryption and Minimization

Jan 27, 2021

In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more

Securing the DNS in a Post-Quantum World: Hash-Based Signatures and Synthesized Zone Signing Keys

Jan 22, 2021

In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNS Security Extensions (DNSSEC). In this post, I'll look at hash-based signatures, a family of post-quantum algorithms that could be a good match for DNSSEC from the perspective of infrastructure stability. more

Securing the DNS in a Post-Quantum World: New DNSSEC Algorithms on the Horizon

Jan 20, 2021

One of the "key" questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer. If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor's groundbreaking result from 1994. more

Newer Cryptographic Advances for the Domain Name System: NSEC5 and Tokenized Queries

Jan 14, 2021

In my last post, I looked at what happens when a DNS query renders a "negative" response -- i.e., when a domain name doesn't exist. I then examined two cryptographic approaches to handling negative responses: NSEC and NSEC3. In this post, I will examine a third approach, NSEC5, and a related concept that protects client information, tokenized queries. The concepts I discuss below are topics we've studied in our long-term research program as we evaluate new technologies. more

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3

Jan 13, 2021

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more

Industry Updates

Hunting for TimbreStealer Malware Artifacts in the DNS

Uncovering Suspicious Download Pages Linked to App Installer Abuse

On the DNS Trail of the Rise of macOS Backdoors

Checking Out the DNS for More Signs of ResumeLooters

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Searching for Potential Propaganda Vehicle Presence in the DNS

Following the VexTrio DNS Trail

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

The New RisePro Version in the DNS Spotlight

Tracking Down Sea Turtle IoCs in the DNS Ocean

Tracing the DNS Spills of the OilRig Cyber Espionage Group

Uncloaking the Underbelly of JinxLoader

Examining the Mirai.TBOT IoCs under the DNS Microscope

A Deep Dive into 6 APT Groups Based in or Targeting APAC

View More