Threat Intelligence

Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Reverse WHOIS: A Powerful Process in Cybersecurity

Threat Intelligence / Featured Blogs

ICANN Org’s Multifaceted Response to DNS Abuse

While the March report from ICANN's Domain Abuse Activity Reporting system show a general reduction in second-level gTLD domain names identified as being used in phishing, malware distribution, and botnet command and control, it has been widely reported that criminals are taking advantage of the global COVID-19 pandemic by launching malicious online campaigns. There have also been numerous reports of spikes in the use of COVID-19-related domain names for DNS Abuse.

Remote Work Demands Encryption

Now that we are all working from home (WFH), the need for encryption must also increase in priority and awareness. Zoom's popular video conferencing solution got in hot water because they promised "end-to-end" encryption but didn't deliver on it - prompting some organizations to ban it from use altogether. Encryption protects confidential information from being exposed in transmission, providing a secure way for the intended recipient to get the information without snooping by others.

Coronavirus Online Threats Going Viral, Part 3: Mobile Apps

In part three of this series of posts looking at emerging internet content relating to coronavirus, we turn our attention to mobile apps - another digital content channel that can be used by criminals to take advantage of people's fears about the health emergency for their own gain.One of the most common attack vectors we have found in our analysis is the use of apps purporting to track global progression of COVID-19, or provide other information, but which instead incorporate malicious content.

How to Secure Your Data During Coronavirus

Nobody loves a good crisis more than a hacker and, by anyone's definition, coronavirus is a big, fat stinking crisis that almost everyone on earth is sitting in the middle of. For most of us, a crisis brings out the best. First responders and the healthcare systems are replete with stories of superhuman sacrifice and commitment to others. Unfortunately, it is this commitment to the work at hand that puts cybersecurity on the back burner and increases the chance of a breach, break-in, or general mischief.

Coronavirus Online Threats Going Viral, Part 2: Marketplaces

In the midst of the coronavirus crisis and the partial or total quarantines happening around the world, more people are turning to eCommerce for their purchases. This, combined with the increased demand for healthcare and healthcare-related products, is causing surges of activity on online marketplaces. Perhaps least surprising is the growth in the number of listings for cleaning and hygiene products (e.g., hand sanitizer), as well as facemasks...

The True Effect of Corona on the DNS

In recent weeks we've seen a range of press articles, security blogposts and public statements addressing real or perceived issues with network capacity and the domain name system (DNS) in particular. These range from concerns about the resilience of the DNS with questions on the impact of the number of registrations to news indicating that a tidal wave of fraud and abuse is hitting the world.

Is Zoom’s Server Security Just as Vulnerable as the Client Side?

Zoom programmers made elementary security errors when coding, and did not use protective measures that compiler toolchains make available. It's not a great stretch to assume that similar flaws afflict their server implementations. While Mudge noted that Zoom's Windows and Mac clients are (possibly accidentally) somewhat safer than the Linux client, I suspect that their servers run on Linux.Were they written with similar lack of attention to security?

Can Legislatures Safely Vote by Internet?

It is a well understood scientific fact that Internet voting in public elections is not securable: "the Internet should not be used for the return of marked ballots. ... [N]o known technology guarantees the secrecy, security, and verifiability of a marked ballot transmitted over the Internet." But can legislatures (city councils, county boards, or the U.S. Congress) safely vote by Internet? Perhaps they can. To understand why, let's examine two important differences between legislature votes and public elections.

Coronavirus Online Threats Going Viral, Part 1: Domain Names

As news of the spread of the coronavirus (COVID-19) continues to emerge, CSC has undertaken the first in a series of studies looking at how the development of the crisis has affected online content. This first article looks at the numbers of registered domains with names containing coronavirus-related strings - "coronavirus" or "covid(-)19" (optional hyphen) - and analyzes the types of content present on the associated websites.

New Cyberthreats: Have You Been Exposed at Home?

There are new threats that you may have already been exposed to. Here are some of the new threats and advice on how to protect yourself. During this pandemic, Zoom has emerged as a very popular teleconferencing choice for companies and educational institutions, but a new weakness for Zoom was also discovered. Some online conferences and classes that had not password protected their sessions fell victim to eavesdroppers using the screen sharing feature to "Zoom Bomb" those sessions with graphic images.