The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more
Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more
Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes. more
Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020. more
Despite a recent Ninth Circuit decision denying immunity to malware detection software for targeting competitor's software, court holds that Section 230 protected Malwarebytes from liability for designating software driver program as potentially unwanted program. Plaintiff provided software that works in real-time in the background of the operating system to optimize processing and locate and install missing and outdated software drivers. more
As 2019 wrapped up, we took some time to reflect on some of the most impactful digital developments of the past decade and how they helped change our digital lives, including: the rise of mobile and tablet usage; the importance of mobile apps; the explosion of social media and online gaming; cloud computing; domain names, brand protection and the impact of GDP. Now that we've passed the New Year, it's time to look forward. more
Kim Zetter has a new story out describing a very serious attack. In fact, the implications are about as bad as possible. The attack has been dubbed ShadowHammer by Kaspersky Lab, which discovered it. Briefly, some crew of attackers -- I suspect an intelligence agency; more on that below -- has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. more
Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more
As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more
Plaintiff anti-malware software provider sued defendant -- who also provides software that protects internet users from malware, adware etc. -- bringing claims for false advertising under the Section 43(a) of Lanham Act, as well as other business torts. Plaintiff claimed that defendant wrongfully revised its software's criteria to identify plaintiff's software as a security threat when, according to plaintiff, its software is "legitimate" and posed no threat to users' computers. more