Threat Intelligence

 Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   11,959

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   10,743

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   11,175

Threat Intelligence / Featured Blogs

US Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security

Oct 15, 2020

The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more

Phishing 2020: A Concentrated Dose of Badness

Oct 14, 2020

How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020. more

Only Bad Actors Should Worry About the URS

Sep 08, 2020

With DNS abuse a topic of increased concern throughout the community, any controversy over adopting the Uniform Rapid Suspension System (URS) for all generic top-level domains (gTLDs) seems misplaced. The URS was designed as a narrow supplement to the Uniform Domain-Name Dispute Resolution Policy (UDRP), applicable only in certain tightly defined circumstances of clear-cut and incontrovertible trademark infringement involving the registration and use of a domain name. more

New CSC Research Finds Significant Lack of Redundancy for Enterprise DNS

Aug 29, 2020

As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more

The Countdown Has Started – Here Come One-Year Digital Certificate Life Cycles

Aug 26, 2020

Apple announced its decision to trust only one-year digital certificates on its Safari browser in February 2020. This decision created a domino effect, with Mozilla and Google following suit; certificate providers announced they would not issue two-year certificates after Aug. 19, 2020. We wrote an article in March to help brands to prepare for this change. more

What Trademark Owners Need to Know to Avoid Reverse Domain Name Hijacking

Jul 24, 2020

A cybersecurity company recently attempted reverse domain name hijacking for an exact match domain name of its brand, and in so doing, failed in both its bid to take ownership of the domain and potentially damaged their reputation by using this somewhat nefarious tactic and abusing the Uniform Domain Name Dispute Resolution Policy (UDRP) process. more

The State of DNS Abuse: Moving Backward, Not Forward

Jul 23, 2020

ICANN's founding promise and mandate are optimistic -- ensure a stable and secure internet that benefits the internet community as a whole. Recent months, however, have highlighted the uncomfortable truth that ICANN's and the industry's approach to DNS abuse is actually moving backward, ignoring growing problems, abdicating on important policy issues, and making excuses for not acting. Further, the impending failure of ICANN's new WHOIS policy to address cybersecurity concerns will add fuel to the fire, resulting in accelerating DNS abuse that harms internet users across the globe. more

Hot Take on the Twitter Hack

Jul 20, 2020

If you read this blog, you've probably heard by now about the massive Twitter hack. Briefly, many high-profile accounts were taken over and used to tweet scam requests to send Bitcoins to a particular wallet, with the promise of double your money back. Because some of the parties hit are sophisticated and security-aware, it seems unlikely that the attack was a straightforward one directly on these accounts. more

Beware of Abandoned Domain Names in this Turbulent Time and as the Global Economy Changes

Jul 17, 2020

The outbreak of COVID-19 has caused worldwide disruption -- for whole nations and their economies. Unfortunately, there will be some side effects for businesses. A number of brands will disappear from the streets and shelves, as businesses that fail to weather the storm will have to fold. Companies that do survive will likely focus more on their core markets, pulling brands out of higher risk, less profitable markets... more

DNS: An Essential Component of Cloud Computing

Jul 14, 2020

The evolution of the internet is anchored in the phenomenon of new technologies replacing their older counterparts. But technology evolution can be just as much about building upon what is already in place, as it is about tearing down past innovations. Indeed, the emergence of cloud computing has been powered by extending an unlikely underlying component: the more than 30-year-old global Domain Name System (DNS). more

Industry Updates

Signs of Ongoing RedLine Stealer Operation Found Through a DNS Deep Dive

Rogue Bulletproof Hosts May Still Be Alive and Kicking as DNS Intel Shows

Carding, Still in Full Swing as DNS Intel Shows

A DNS Deep Dive into BreachForums Domains

APT29 Goes from Targeted Attacks to Phishing via NOBELIUM: A DNS Deep Dive

Tracing BlackNet RAT’s History through a DNS Deep Dive

Phisher Abusing .com TLD?

Phishing Group Found Abusing .top Domains

Fishing for QR Code Phishing Traces in the DNS

Catching Messenger Phishing Footprints Using a DNS Net

Rhysida, Not Novel but Still Dangerous: DNS Revelations

The Makings of ADHUBLLKA According to the DNS

Probing the DNS for Signs of XLoader Abuse

DNS Abuse and Redirection: Enough for a New JS Malware to Hide Behind?

Hot on the DNS Trail of the 16shop Phishing Kit Operators

View More