Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   14,092

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   14,740

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   13,445

Threat Intelligence / Featured Blogs

Fear of Disaster: 5 Tips to Help Enterprises Cope

Sep 04, 2014

IT disasters can strike anywhere, anytime. In 1983, a faulty Soviet warning system nearly precipitated World War III -- the system claimed five missiles were en route from the U.S. Only quick thinking by Lt. Col. Stanislav Petrov saved the day when he realized the United States would never launch so few warheads. And in 2004, a private contractor working with the British Child Support Agency (CSA) suffered a glitch that overpaid 1.9 million people and underpaid 700,000.

Verisign Mitigates 300 Gbps DDoS Attack and Other Q2 2014 DDoS Trends

Aug 13, 2014

It has been another busy quarter for the team that works on our DDoS Protection Services here at Verisign. As detailed in the recent release of our Q2 2014 DDoS Trends Report, from April to June of this year, we not only saw a jump in frequency and size of attacks against our customers, we witnessed the largest DDoS attack we've ever observed and mitigated -- an attack over 300 Gbps against one of our Media and Entertainment customers.

Six Approaches to Creating an Enterprise Cyber Intelligence Program

Aug 05, 2014

As few as seven years ago, cyber-threat intelligence was the purview of a small handful of practitioners, limited mostly to only the best-resourced organizations - primarily financial institutions that faced large financial losses due to cyber crime - and defense and intelligence agencies involved in computer network operations. Fast forward to today, and just about every business, large and small, is dependent on the Internet in some way for day-to-day operations, making cyber intelligence a critical component of a successful business plan.

Anti-Spoofing, BCP 38, and the Tragedy of the Commons

Aug 01, 2014

In the seminal 1968 paper "The Tragedy of the Commons" , Garrett Hardin introduced the world to an idea which eventually grew into a household phrase. In this blog article I will explore whether Hardin's tragedy applies to anti-spoofing and Distributed Denial of Service (DDoS) attacks in the Internet, or not... Hardin was a biologist and ecologist by trade, so he explains "The Tragedy of the Commons" using a field, cattle and herdsmen.

What Should PGP Look Like?

Jul 23, 2014

Those who care about security and usability - that is, those who care about security in the real world - have long known that PGP isn't usable by most people. It's not just a lack of user-friendliness, it's downright user hostile. Nor is modern professional crypto any better. What should be done? How should crypto in general, and PGP in particular, appear to the user? I don't claim to know, but let me pose a few questions.

Senate Judiciary Committee Hearing on Botnet Takedowns (July 15, 2014)

Jul 09, 2014

The background is of course quite interesting, given how soon it has followed Microsoft's seizure of several domains belonging to Dynamic DNS provider no-ip.com for alleged complicity in hosting trojan RAT gangs, a couple of days after which the domains were subsequently returned -- without public comment -- to Vitalwerks, the operator of No-IP. This is by no means a new tactic for Microsoft, who has carried out successful seizures of various domains over the past two or three years.

It’s Time to Talk Solutions on Mass Surveillance

Jul 03, 2014

The public discussion of surveillance one year on from the Snowden revelations remains a search for the biggest sinner. New stories 'outing' countries and companies are great transparency and essential for healthy societies but they have a side effect that isn't so benign: they create an evergreen source of new justifications for security services to demand more money for a surveillance and counter-surveillance arms race.

Painting Ourselves Into a Corner with Path MTU Discovery

Jun 30, 2014

In Tony Li's article on path MTU discovery we see this text: "The next attempt to solve the MTU problem has been Packetization Layer Path MTU Discovery (PLPMTUD). Rather than depending on ICMP messaging, in this approach, the transport layer depends on packet loss to determine that the packet was too big for the network. Heuristics are used to differentiate between MTU problems and congestion. Obviously, this technique is only practical for protocols where the source can determine that there has been packet loss. Unidirectional, unacknowledged transfers, typically using UDP, would not be able to use this mechanism. To date, PLPMTUD hasn't demonstrated a significant improvement in the situation." Tony's article is (as usual) quite readable and useful, but my specific concern here is DNS...

Is Your New TLD Protected Against Phishing and Malware?

Jun 19, 2014

Until now, the criminals behind malware and phishing have had only 22 generic top-level domain names (TLDs) to abuse -- names like .com, .net or .org. But with hundreds of new TLDs entering the marketplace, e.g. .buzz, .email, and .shop, there are many more targets than ever... What can attackers do with domain names?

Do I need DDoS protection? A Realistic Look at the Decision Process

Jun 13, 2014

There has been a recent spate of well publicised Distributed Denial of Service (DDoS) attacks that bring websites down and render them useless, including Evernote and most recently Feedly. In light of this, here are some comments and tips to help companies evaluate and prepare not to be held for ransom or suffer lost reputation and sales as a result.

Industry Updates

New RomCom Variant Spotted: A Comparative and Expansion Analysis of IoCs

Global Domain Activity Trends Seen in Q3 2024

A DNS Investigation into Mamba, the Latest AitM Phishing Player

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Examining the DNS Underbelly of the Voldemort Campaign

2024 Domain Intelligence Study of 6 APT Groups Notorious for Targeting Europe

Stripping Down the BlackSuit Ransomware Network Aided by DNS Data

A DNS Deep Dive into the NetSupport RAT Campaign

Tracking the DNS Footprint of the Polyfill Supply Chain Attackers

Study by WhoisXML API Explores IDNs, Native-Language Characters, and Homograph Attacks

The Extended Reach of the Extension Trojan Campaign in the DNS

Inspecting Konfety’s Evil Twin Apps through the DNS Lens

Hunting for U.S. Presidential Election-Related Domain Threats in the DNS

A Closer Look at the Meduza Stealer through a DNS Deep Dive

View More