Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   13,144

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,847

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   12,580

Threat Intelligence / Featured Blogs

A Dangerous, Norm-Destroying Attack

Mar 26, 2019

Kim Zetter has a new story out describing a very serious attack. In fact, the implications are about as bad as possible. The attack has been dubbed ShadowHammer by Kaspersky Lab, which discovered it. Briefly, some crew of attackers -- I suspect an intelligence agency; more on that below -- has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. more

How to Track Online Malevolent Identities in the Act

Mar 12, 2019

Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more

Putting Cyber Threats Into Perspective

Mar 12, 2019

As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world. more

Some Thought on the Paper: Practical Challenge-Response for DNS

Mar 11, 2019

Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more

Say YES to DNSSEC

Mar 06, 2019

With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more

An Update From CIRA on IoT Security

Mar 05, 2019

Last April, I shared information about a multistakeholder process that CIRA is part of, which seeks to identify and guide the development of policy around the Internet of Things (IoT), putting security at the heart of internet innovations in Canada. Since the formation of this process, we've made quite a bit of progress and I'm pleased to share some of that with you. more

What Is the Most Secure VPN Protocol?

Feb 22, 2019

VPN products vary greatly in convenience, efficiency, and security. If security is a serious concern, an organization needs to pay close attention to the protocols a service supports. Some widely used protocols have significant weaknesses, while others offer state-of-the-art security. The best of the lot today include OpenVPN and IKEv2. What's called a VPN protocol is actually a collection of protocols. There are several functions which every VPN has to manage. more

Microsoft is Abandoning SHA-1 Hashes for Updates - But Why?

Feb 21, 2019

Microsoft is shipping a patch to eliminate SHA-1 hashes from its update process. There's nothing wrong with eliminating SHA-1 - but their reasoning may be very interesting. SHA-1 is a "cryptographic hash function". That is, it takes an input file of any size and outputs 20 bytes. An essential property of cryptographic hash functions is that in practice (though obviously not in theory), no two files should have the same hash value unless the files are identical. more

Building a Secure Global Network

Feb 20, 2019

Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more

NANOG’s Edward Mc Nair to Deliver Keynote Address at CaribNOG 17 in April

Feb 13, 2019

Edward Mc Nair will deliver the keynote address at the next regional meeting of the Caribbean Network Operators Group (CaribNOG), to be held in Bridgetown, Barbados from April 10 to 12. The featured talk will take place on Thursday 11 April at 9 am AST. A live netcast will be available. Mc Nair is the Executive Director of the North American Network Operators Group (NANOG). more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Looking for More Signs of Nitrogen in the DNS

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

View More