Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   14,097

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   14,746

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   13,448

Threat Intelligence / Featured Blogs

An Attack on DNS is an Attack on the Internet

Aug 15, 2010

On Saturday Aug 7th, DNS provider DNS Made Easy was the target of a very large denial of service attack. As far as can be determined the total traffic volume exceeded 40 Gigabit/second, enough to saturate 1 million dialup Internet lines. Several of DNS Made Easy's upstream providers had saturated backbone links themselves. There are indications that not only DNS Made Easy suffered from this attack, but the Internet as a whole.

First Leap to Secure Linguistic Internet - Arabic SSL Certificates Launched

Aug 11, 2010

Linguistic Internet is becoming stronger with the first leap to develop non-Latin applications, as Arabic Language SSL Certificates has been launched by M/s ArabicSSL with the support of Live Multilingual Translator and The Multilingual Internet Group. This step is highly appreciable because this will ensure the security and stability and develop trust over new Internet layers of Internationalized Domains (IDN TLDs).

Three Things Registrars Must Do to Enhance Security

Aug 09, 2010

If the rise of phishing has taught us anything, it's that on the Internet, if a digital asset has value, there's somebody out there who wants to steal it. Whether it's a bank account password, a credit card number, a PayPal login, or even a magic sword in an online game, there's a fraudster somewhere trying to misappropriate it for his or her own nefarious purposes. Domain names have always been a target for such criminals.

DNS RPZ, Malicious Domains… Bring Your Own Policy. Dress Casual.

Aug 02, 2010

Paul observed that most new domain names are malicious. Are they? Since the "dawn of tasting", some 30 million domain names have been created for the purposes of interposition on existing name to resource mappings. That is a third of the .COM historical growth, and mostly in the last five years. ... It is difficult not to conclude that interposition on persistent, public referents is without malice, and that the malicious parties are advertisers seeking to transform public referents into private property, as promotional devices...

Taking Back the DNS

Jul 30, 2010

Most new domain names are malicious. I am stunned by the simplicity and truth of that observation. Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. Domains are cheap, domains are plentiful, and as a result most of them are dreck or worse.

Cyberwar vs No Cyberwar

Jul 27, 2010

I was browsing CircleID the other day and came across Bruce Schneier's article on cyberwar. Schneier's article, and the crux of his point, is that the term cyber war and the threat of cyber warfare has been greatly exaggerated. The real problem in cyberspace is not the threat of cyber warfare wherein a foreign government, or possibly non-state actor, conducts a cyber attack on another nation.

Would You Fly an Airplane That Had a Pre-flight Checkout That Was Only 40 Percent Complete?

Jul 26, 2010

In the aviation world safety is paramount. Commercial airlines go to major lengths to make sure that their planes are fully up to code and can fly safely in the air. The risks - loss of human lives - are far too extreme to take any chances. One result of this diligence is the fact that travel by plane is far safer than any other method - nearly 40 times safer per mile than travel by car. While application security risks are not as dire, research shows CSOs fail to use the same stringent level of safety to secure their Internet-facing applications.

Website Seals of Approval: Can You Trust Them?

Jul 22, 2010

The abuse of well-known seal of approvals seems to be the latest ruse used by online fraudsters. Leveraging reputable names that existed long before anyone heard of the Internet is a blaring reminder that even trustworthy seals are not off limits to scammers. In fact, linking to reliable sources of reviews and certification is proving to be an essential part of any fraud strategy today.

Moving DNSSEC Forward: Help for Registries, Registrars, ISPs/Hosting, Enterprises, and Name Owners

Jul 20, 2010

DNSSEC adoption has been slow, but is now picking up speed, thanks to organizations leading the way. ... While some registries have already signed, some have announced plans to sign and others are still trying to figure out their plan. Either way, DNSSEC is here. How can we make DNSSEC adoption quicker and easier not only for the registry but for individual name owners?

Engaging Consumers in Cyber Security: It’s Up to You

Jul 15, 2010

In a perfect world, consumers recognize authentic emails from fake, update their operating system, browser and anti-virus software, and have a healthy skepticism about the safety of the Internet. The bad guys hate perfect, so we should be working with consumers to stop them. ... Organizations like mine are joining forces to recruit consumers -- who are also your customers and employees -- in the fight against cybercrime.

Industry Updates

New RomCom Variant Spotted: A Comparative and Expansion Analysis of IoCs

Global Domain Activity Trends Seen in Q3 2024

A DNS Investigation into Mamba, the Latest AitM Phishing Player

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Examining the DNS Underbelly of the Voldemort Campaign

2024 Domain Intelligence Study of 6 APT Groups Notorious for Targeting Europe

Stripping Down the BlackSuit Ransomware Network Aided by DNS Data

A DNS Deep Dive into the NetSupport RAT Campaign

Tracking the DNS Footprint of the Polyfill Supply Chain Attackers

Study by WhoisXML API Explores IDNs, Native-Language Characters, and Homograph Attacks

The Extended Reach of the Extension Trojan Campaign in the DNS

Inspecting Konfety’s Evil Twin Apps through the DNS Lens

Hunting for U.S. Presidential Election-Related Domain Threats in the DNS

A Closer Look at the Meduza Stealer through a DNS Deep Dive

View More