Threat Intelligence |
Sponsored by |
Satellites make it possible for governments to provide essential services, such as national defense, navigation, and weather forecasting. Private ventures use satellites to offer highly desired services that include video program distribution, telecommunications, and Internet access. The Russian launch of a satellite, with nuclear power and the likely ability to disable satellites, underscores how satellites are quite vulnerable to both natural and manmade ruin.
In this article, I present an overview of a series of 'proof-of-concept' studies looking at the application of domain-name entropy as a means of clustering together related domain registrations, and serving as an input into potential metrics to determine the likely level of threat which may be posed by a domain.
OpenXDR is one of the most cost-effective SIEM alternatives that help businesses detect and mitigate threats within hectic modern architectures. A single cyber incident impacts every aspect of a business -- from system downtime, revenue losses, and reputation damage to disrupted operations.
While threat actors can use any domain across thousands of top-level domains (TLDs), they often have favorites. For instance, you may be familiar with Spamhaus's 10 most-abused TLDs for spamming. WhoisXML API researchers recently built on this list by analyzing 40,000 newly registered domains (NRDs) that sported some of the listed unreputable TLDs. We called this study "DNS Abuse Trends: Dissecting the Domains Under the Most-Abused TLDs."
Subdomains help organizations sort different sections of their websites neatly. Looking at the subdomains of some websites, for example, we usually see subdomains like shop[.]domain[.]com and blog[.]domain[.]com, which help users navigate the sites efficiently. But we couldn't help but notice subdomains that might be revealing a lot about a company's Internet infrastructure and resources.
Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks. With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to?
A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks.
When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there's likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action.
Over the last few years, it's become clear that abuse of the Domain Name System -- whether in the form of malware, botnets, phishing, pharming, or spam -- threatens to undermine trust in the Internet. At Public Interest Registry, we believe that every new .ORG makes the world a better place. That means anything that gets in the way of that is a threat, and that includes DNS Abuse.
Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you.
As the world becomes more and more reliant on electronics, it's worth a periodic reminder that a large solar flare could knock out much of the electronics on earth. Such an event would be devastating to the Internet, satellite broadband, and the many electronics we use in daily life. A solar flare is the result of periodic ejections of matter from the sun into space. Scientists still aren't entirely sure what causes solar flares, but they know that it's somehow related to shifts in the sun's magnetic field.
Clarivate has once again surveyed global business leaders about the importance of domain names to their organizations, including the role of domains as intellectual property (IP) assets. The 2020 survey followed up on our 2019 survey, revealing key year-over-year trends in how organizations manage, secure and budget for domain names. In this blog, we review key trends from the new report.
In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.)
In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNS Security Extensions (DNSSEC). In this post, I'll look at hash-based signatures, a family of post-quantum algorithms that could be a good match for DNSSEC from the perspective of infrastructure stability.
On January 14, 2021, the Office of the United States Trade Representative (USTR) released its 2020 Review of Notorious Markets for Counterfeiting and Piracy (the Notorious Markets List, or NML). This publication enumerates online and physical markets that have been reported to engage in trademark, counterfeiting, and copyright infringement at scale. For the first time, the NML documents show how internet platforms play a part in bringing illicit goods into the US.
Anyone seeking to establish an online presence appears to have limitless options for reserving Internet domain names. But the question remains: which providers do registrants prefer? more
Back in 2015, a survey found that cats drove 15% of the overall Internet traffic. That said, it is not surprising for threat actors to use cat-related content to lure victims to visit their malware-laden sites. Such was the case for GootLoader, which allowed cybercriminals to steal data and deploy post-exploitation tools and ransomware. more
For many across the globe, Christmas represents a joyous time of celebration and giving. But it can also be a time for worry, especially for those unfortunate enough to get scammed while doing their holiday shopping. more
The SideWinder advanced persistent threat (APT) group, also known as "T-APT-04" or "RattleSnake," has been active since 2012. It launched attacks against military and government entities in Asia. more
As unique identifiers of entities that control IP ranges, autonomous system numbers (ASNs) provide valuable data. Understanding ASN distribution and deriving insights from it can significantly enhance strategic business and market analyses. more
Silent Push has been monitoring the FUNULL content delivery network (CDN) for two years now. They believe the network has played host to various cybercriminal campaigns, including investment scams, fake trading app distribution, suspect gambling networks, and the Polyfill supply chain attack. more
Thanksgiving is right around the corner. With it, of course, come celebrations with family and friends and the biggest Black Friday sales. All seems well and good but that's not always the case, isn't it? more