Threat Intelligence

 Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   11,890

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,144

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   12,407

Threat Intelligence / Most Commented

Brad Templeton in Response to Site Finder Controversy

Sep 17, 2003

A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more

With No Privacy Standards Who Knows Who Is Abusing The Whois Database

Apr 10, 2003

John Banks is a loan officer in New York. John's supervisor recently warned John about the potential number of bad loans he may be carrying as part of his portfolio. To dump some of the bad loans he might be carrying, John came up with a scheme. He pointed his web browser to www.whois.org and entered terms denoting disease or poor health such as 'cancer' and 'illness'. This query on the Internet's WHOIS database reported results of names and addresses of domain name owners who had developed websites devoted to providing information on certain serious illnesses. John compared these names and addresses with those in his portfolio of loans. For the matches, he canceled the loans and required immediate payment-in-full. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

Nov 20, 2002

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part I

Nov 06, 2002

The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more

Have You Monitored Your DNS Performance Lately?

Sep 13, 2002

Domain Name System (DNS) surveys such as that recently conducted by Men & Mice continually demonstrate that the DNS is riddled with errors. Since the DNS continues to work, this raises three questions:

1. Does it matter that the DNS is riddled with errors?
2. Why is it riddled with errors?
3. How can it be fixed? more

Industry Updates

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

Uncovering Suspicious Download Pages Linked to App Installer Abuse

On the DNS Trail of the Rise of macOS Backdoors

Checking Out the DNS for More Signs of ResumeLooters

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Searching for Potential Propaganda Vehicle Presence in the DNS

Following the VexTrio DNS Trail

DarkGate RAT Comes into the DNS Spotlight

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

DNS Deep Diving into Pig Butchering Scams

The New RisePro Version in the DNS Spotlight

Tracking Down Sea Turtle IoCs in the DNS Ocean

Tracing the DNS Spills of the OilRig Cyber Espionage Group

Uncloaking the Underbelly of JinxLoader

View More