Threat Intelligence

Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

Reverse WHOIS: A Powerful Process in Cybersecurity

WHOIS History API: Powering Domain Investigations

Threat Intelligence / Featured Blogs

Some Thought on the Paper: Practical Challenge-Response for DNS

Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries.

Say YES to DNSSEC

With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org.

An Update From CIRA on IoT Security

Last April, I shared information about a multistakeholder process that CIRA is part of, which seeks to identify and guide the development of policy around the Internet of Things (IoT), putting security at the heart of internet innovations in Canada. Since the formation of this process, we've made quite a bit of progress and I'm pleased to share some of that with you.

Microsoft is Abandoning SHA-1 Hashes for Updates - But Why?

Microsoft is shipping a patch to eliminate SHA-1 hashes from its update process. There's nothing wrong with eliminating SHA-1 - but their reasoning may be very interesting. SHA-1 is a "cryptographic hash function". That is, it takes an input file of any size and outputs 20 bytes. An essential property of cryptographic hash functions is that in practice (though obviously not in theory), no two files should have the same hash value unless the files are identical.

Building a Secure Global Network

Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected.

NANOG’s Edward Mc Nair to Deliver Keynote Address at CaribNOG 17 in April

Edward Mc Nair will deliver the keynote address at the next regional meeting of the Caribbean Network Operators Group (CaribNOG), to be held in Bridgetown, Barbados from April 10 to 12. The featured talk will take place on Thursday 11 April at 9 am AST. A live netcast will be available. Mc Nair is the Executive Director of the North American Network Operators Group (NANOG).

Revisiting How Registrants Can Reduce the Threat of Domain Hijacking

Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers.

Routing Security - Getting Better, But No Reason to Rest!

In January 2018, I looked back at 2017 to figure out how routing security looked globally and on a country level. Using the same metrics and methodology, I've recently taken a look at 2018 to see if we're making improvements. The good news is, it seems like the routing system is doing better! But there is still much work to be done. Using BGPStream.com, a great public service providing information about suspicious events in the routing system, I analyzed the number of incidents...

Cybersecurity Is Failing Big-Time and This Is Hard to Fix

It has become clear that having a big cybersecurity war room is not enough to deliver true end-to-end security throughout the complex networks, systems and structures on which our modern society is based. Furthermore, looking at the forever changing draconian government interventions in this space, it is also obvious that they are often stabbing in the dark.

BGP Hijacks: Two More Papers Consider the Problem

The security of the global Default Free Zone (DFZ) has been a topic of much debate and concern for the last twenty years (or more). Two recent papers have brought this issue to the surface once again - it is worth looking at what these two papers add to the mix of what is known, and what solutions might be available. The first of these traces the impact of Chinese "state actor" effects on BGP routing in recent years.