/ Most Commented

Registry Lock - or EPP With Two Factor Authentication

Jun 03, 2015

For the last couple of years, the most common attack vector against the DNS system is the attack against the registrar. Either the attack is on the software itself using weaknesses in the code that could inject DNS changes into the TLD registry, or social engineering the registrar support systems and the attacker receives credentials that in turn allows the attacker to perform malicious changes in DNS. DNSSEC is the common security mechanism that protects the DNS protocol, but by using the registrar attack, any changes will result in a proper working DNS delegation. more

The Internet of Things: Solving Security Challenges from the Fringe to the Core

Jun 02, 2015

News flash: to help fight California's drought, Samsung is offering a $100,000 prize to the innovator who creates "the most effective use of IoT and ARTIK [Samsung's IoT platform] technology for reducing water consumption by individuals or municipalities." When the average reader of this news headline needs no explanation of what "IoT" means or what this contest is about, we know IoT, or the Internet of Things, is for real. There are already an estimated 25 billion connected devices around the world, according to expert estimates. more

The Longevity of the Three-Napkin Protocol

Jun 01, 2015

It is not often I go out to my driveway to pick up the Washington Post -- yes, I still enjoy reading a real physical paper, perhaps a sign of age -- and the headline is NOT about how the (insert DC sports team here) lost last night but is instead is about an IT technology. That technology is the Border Gateway Protocol (BGP), a major Internet protocol that has been around for more than a quarter century, before the Internet was commercialized and before most people even knew what the Internet was. more

Megaupload Domains Seized by FBI Now Link to Scam Ads and Malware Due to Renewal Failure

May 29, 2015

Sean Gallagher reporting in Ars writes: "Earlier this week, something suspicious started happening with Web addresses related to sites seized by the FBI from Megaupload and a number of online gambling sites." more

FTC Puts Burden Back on ICANN Concerning .Sucks Dilemma

May 29, 2015

Kieren McCarthy reporting in The Register writes: "The US Federal Trade Commission (FTC) has responded to questions over the legality of .sucks domain pricing with a three-page "I told you so" letter to domain name overseer ICANN. more

China’s New Law Could Severely Damper Domain Name Registrations

May 29, 2015

Trevor Little reporting in the World Trademark Review writes: "The Chinese government has announced that registries and registrars will have to meet a number of conditions and obtain the approval of the Ministry of Industry and Information Technology (MIIT) before being allowed to engage in commercial and operational activities in China." more

A Look Inside the Emerging Private IPv4 Market

May 28, 2015

A significant quantity of unused, previously allocated IPv4 addresses are becoming readily available for re-distribution to IP network operators in need of the depleted addresses. Network World has published a report that takes a look at this emerging private market that's allowing companies with excess numbers to sell them to those in need. more

Phishing in the New gTLDs

May 27, 2015

The new Anti-Phishing Working Group (APWG) Global Phishing Survey has just been released. Written by myself and Rod Rasmussen of IID, the report is the "who, what, where, when, and why" look at phishing, examining the second half of 2014. The report has many findings, but here I'll concentrate on the new gTLDs. The second half of 2014 was when an appreciable number of new gTLDs entered general availability and started to gain market share. more

Fadi Chehadé Announces His Departure - What’s Next for Businesses at ICANN?

May 27, 2015

Last week, the CEO of ICANN, Fadi Chehadé, announced his intention to leave his position in March 2016, after almost four years as head of the organization. He plans to take a position in private industry, outside of the domain name space. Although the impact to the business community is unclear at this point, Chehadé's departure throws a spotlight on how important ICANN leadership can be in ensuring that business and brand interests maintain their voice in the Internet governance sphere. more

How Will Your Registration Data Be Managed in the Future?

May 26, 2015

Benjamin Franklin once said, "By failing to prepare, you are preparing to fail." As we consider how Internet domain and address registration data is managed and accessed in a post-WHOIS era, and given the long history of failure in addressing the shortcomings of WHOIS, it is extremely important to start preparing now for the eventual replacement of WHOIS. This is the fundamental purpose of the next Registration Operations Workshop (ROW) that is scheduled for Sunday, July 19, 2015, in Prague, Czech Republic. more

IPv6 Adoption Brings New Security Risks

May 23, 2015

Although IPv6 DDoS attacks are not yet a common occurrence, there are indications that malicious actors have started testing and researching IPv6 based DDoS attack methods. more

ISOC Reinforces Commitment to IANA Transition Post ICANN President Step Down

May 21, 2015

Internet Society President and CEO, Kathryn C. Brown released a statement today stressing the organization’s continued commitment to the stewardship transition of the Internet Assigned Numbers Authority (IANA) functions to the global Internet community -- emphasizing that this process is key to maintaining long-term value in the collaborative, multistakeholder model of Internet governance. more

Chehadé to End His Tenure as ICANN President & CEO in March 2016

May 21, 2015

The Internet Corporation for Assigned Names and Numbers (ICANN) today announced that President and CEO Fadi Chehadé has informed the Board he will be concluding his tenure in March 2016 to move into a new career in the private sector (outside the Domain Name Industry). more

Trust and Collaboration - Key Features for the Internet’s Future

May 19, 2015

Last week, Columbia University's School of International and Public Affairs (SIPA), in collaboration with the Global Commission on Internet Governance (GCIG), hosted a conference on Internet governance and cybersecurity. The conference gathered a variety of experts to discuss issues pertaining to Internet governance, human rights, data protection and privacy, digital trade, innovation and security. more

What New gTLD Applicants Want for Round 2

May 18, 2015

After talking to a few new gTLD applicants who participated in "Round One" of the ICANN new gTLD program, here is a list of complaints and questions I received, and probably a few things potential candidates should pay attention to prior to submitting an application... Applying is too expensive, I want my TLD for $200,000 "all included" (ICANN fee + consultancy services to fill in my application) more

Industry Updates

Uncovering DNS Details on Operation Celestial Force

Global DNS and Domain Activity Trends in Q2 2024

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

NIS2 and Its Implications for Global Brands

  • By CSC
  • Jul 05, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

IPv4.Global Commits to Keep Ukraine Connected

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

View More