Malware

Malware / Featured Blogs

Notes from NANOG 69

Feb 12, 2017

NANOG 69 was held in Washington DC in early February. Here are my notes from the meeting. It would not be Washington without a keynote opening talk about the broader political landscape, and NANOG certainly ticked this box with a talk on international politics and cyberspace. I did learn a new term, "kinetic warfare," though I'm not sure if I will ever have an opportunity to use it again!

Cyber-Terrorism Rising, Existing Cyber-Security Strategies Failing, What Are Decision Makers to Do?

Jan 13, 2017

While conventional cyber attacks are evolving at breakneck speed, the world is witnessing the rise of a new generation of political, ideological, religious, terror and destruction motivated "Poli-Cyber™" threats. These are attacks perpetrated or inspired by extremists' groups such as ISIS/Daesh, rogue states, national intelligence services and their proxies. They are breaching organizations and governments daily, and no one is immune.

CircleID’s Top 10 Posts of 2016

Jan 06, 2017

The new year is upon us and it's time for our annual look at CircleID's most popular posts of the past year and highlighting those that received the most attention. Congratulations to all the 2016 participants and best wishes to all in the new year.

Maintaining Security and Stability in the Internet Ecosystem

Sep 29, 2016

DDoS attacks, phishing scams and malware. We battle these dark forces every day - and every day they get more sophisticated. But what worries me isn't just keeping up with them, it is keeping up with the sheer volume of devices and data that these forces can enlist in an attack. That's why we as an industry need to come together and share best practices - at the ICANN community, at the IETF and elsewhere - so collectively we are ready for the future.

DNS and Stolen Credit Card Numbers

Apr 20, 2016

FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments.

ICANN Fails Consumers (Again)

Apr 15, 2016

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face.

The Cyberthreats and Trends Enterprises Should Watch in 2016

Feb 19, 2016

Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources.

Malware Reach Is Expanding, Ransomware on the Rise

Feb 01, 2016

We live in an online age, one where malware infections have become commonplace. Some might say this is the price of doing business online. News headlines report damaging attacks on well-known brands with depressing regularity. Consumer confidence suffers as customers look to organizations to sort out the issue, secure their transactions and fix the problem.

Officially Compromised Privacy

Nov 28, 2015

The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible.

Verisign iDefense Analysis of XcodeGhost

Oct 01, 2015

At Verisign we take our Internet stewardship mission very seriously, so when details emerged over the past week concerning the XcodeGhost infection, researchers at Verisign iDefense wanted to help advance community research efforts related to the XcodeGhost issue, and leveraging our unique capabilities, offer a level of public service to help readers determine their current and historical level of exposure to the infection.

Industry Updates

Four Steps to Mitigate Subdomain Hijacking

  • By CSC
  • Aug 06, 2024

Hunting for TimbreStealer Malware Artifacts in the DNS

A Peek at the PikaBot Infrastructure

A Log4Shell Malware Campaign in the DNS Spotlight

Unveiling Stealthy WailingCrab Aided by DNS Intelligence

DNS Abuse and Redirection: Enough for a New JS Malware to Hide Behind?

Decoy Dog, Too Sly to Leave DNS Traces?

A DNS Deep Dive Into Malware Crypting

A DNS Deep Dive: That VPN Service May Be OpcJacker in Disguise

SocGholish IoCs and Artifacts: Tricking Users to Download Malware

Malware Persistence versus Early Detection: AutoIT and Dridex IoC Expansion Analysis

A Call for Help May Lead to Malware: BazarCall IoC Analysis and Expansion

Eternity’s LilithBot, Soon Available to Regular Internet Users?

Alleviating BlackEnergy-Enabled DDoS Attacks

GALLIUM APT Group and Other Threat Actors in Disguise

View More