Threat Intelligence

 Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,851

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   13,149

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   12,585

Threat Intelligence / Featured Blogs

Tackling Cyber Security: Should We Trust the Libertarians? Part 2

Jun 28, 2010

A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more

Three Reasons Why It Makes Sense to Deploy DNSSEC Now

Jun 23, 2010

As many of you may know, today .ORG announced that all of its 8.5 million domains are now able to be fully DNSSEC signed - the largest set of domain names in the world so far that has access to this key security upgrade. .. The widespread publicity that the Kaminsky bug got around the world vindicated a decision made in several companies to invest time, effort and money into deploying DNSSEC. The community was split on the value of the DNSSEC effort -- many thought the deployment was quixotic, while a few others thought it was appropriate. more

DNSSEC Becomes a Reality Today at ICANN Brussels

Jun 23, 2010

Attendees at the public ICANN meeting in Brussels today heard from over two dozen companies that have implemented or are planning to support DNSSEC, the next-generation standard protocol for secured domain names. It is clearer than ever before that DNSSEC is becoming a reality. more

KnujOn Releases Internet “Doomsday Book”

Jun 21, 2010

Reporting from Brussels, Belgium. Since January KnujOn has been conducing its own audit of ICANN Registrar contractual compliance and illicit commerce within the generic Top-Level Domain (gTLD) space. Our findings are shocking. more

BP and Incident Response: How Well Do Oil and Security Mix?

Jun 18, 2010

BP and the Oil Industry are taking a lot of heat these days - much of it rightly so. Moving beyond the drama and evaluating the overall response of BP and others reinforces much of what is taught in incident response training and preparation... by showing the outcomes when one does not respond well. This is probably the most important incident that the responders involved will deal with in their professional lives. For those of us working to protect Internet Infrastructure and resources there are useful lessons as we consider what is happening in the Gulf of Mexico and their response effort. more

New Cyber Security Bill Could Increase Power of President and DHS

Jun 17, 2010

Introduced by ranking Senate members of the Homeland Security and Governmental Affairs Committee, the Protecting Cyberspace as a National Asset Act of 2010, S.3480 is intended to create an Office of Cyber Policy in the executive branch of the government, confirmed by the Senate and ultimately reporting to the president. Senators Joe Lieberman, Blanche Lincoln and Tom Carper introduced the bill publicly on June 10, and a critical part of the bill is that critical infrastructure networks such as electricity grids, financial systems and telecommunications networks need to cooperate with the Office of Cyber Policy. more

Who is Blocking WHOIS?

Jun 07, 2010

On April 16 ICANN issued a breach notice to Turkish Registrar Alantron for not consistently providing access to its WHOIS database via Port 43, a command-line query location that all Registrars are required to supply under conditions of their contract with ICANN under section 3.3.1. Four days later they issued a breach to Internet Group do Brazil for the same problem. ... The WHOIS record, as we all know, is a massive fraud with illicit parties filling records with bogus information and hiding behind anonymity. more

Registrar Abacus America is in Corporate Delinquency

Jun 01, 2010

KnujOn has retrieved a document indicating that the ICANN-Accredited Registrar Abacus America is in Corporate Delinquency in the state of Kansas. Kansas defines a company as Delinquent if "The business entity has not filed its annual report and fee by the due date." ... This incident is significant because Abacus America was cited by LegitScript and KnujOn for sponsoring an unlicensed pharmacy selling Schedule 3 substances... more

Deploying DNSSEC: Lessons from Domain Registrar Implementation

May 28, 2010

As a registrar at the front end of the DNSSEC deployment effort, our technical team has made a sustained investment in DNSSEC deployment so that our customers don't get overwhelmed by this wave of changes to the core infrastructure of the Domain Name System. Along the way, we've learnt a lot about how to implement DNSSEC which might hold useful lessons for other organizations that plan to deploy DNSSEC in their networks. more

VeriSign Leaves the Security Certificate Business

May 22, 2010

Earlier this week in a press release, VeriSign said that they are selling their SSL certificate business to Symantec. VeriSign is the dominant player in this market, having absorbed competitor Thawte in 1999, and Geotrust in 2006. Three years ago, when VeriSign decided to divest its non-core businesses, they kept the certificate business. So what's changed? more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Looking for More Signs of Nitrogen in the DNS

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

View More