Threat Intelligence

 Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   13,686

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   14,985

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   14,352

Threat Intelligence / Most Commented

Cybersecurity Is Failing Big-Time and This Is Hard to Fix

Jan 28, 2019

It has become clear that having a big cybersecurity war room is not enough to deliver true end-to-end security throughout the complex networks, systems and structures on which our modern society is based. Furthermore, looking at the forever changing draconian government interventions in this space, it is also obvious that they are often stabbing in the dark. more

Hackers Behind Marriott Breach Left Clues Suggesting Link to Chinese Government

Dec 06, 2018

Hackers behind the massive data breach of the hotel group Marriott International Inc have left clues suggesting ties to the Chinese government intelligence-gathering operation. more

Strange Email Used to Inform Marriott Customers About the Massive Data Breach

Dec 04, 2018

Millions of email warnings were sent out by Marriot on Friday to warn customers about the massive data breach which has affected close to half a billion guest data. more

Securing the Routing System at NANOG 74

Oct 17, 2018

The level of interest in the general topic of routing security seems to come in waves in our community. At times it seems like the interest from network operators, researchers, security folk and vendors climbs to an intense level, while at other times the topic appears to be moribund. If the attention on this topic at NANOG 74 is anything to go by we seem to be experiencing a local peak. more

KSK Rollover, Elliptical Curve Vulnerabilities, Surveillance and Privacy. Are We Building Trust?

Oct 14, 2018

ICANN just recently performed a Root Zone DNS Security Extensions (DNSSEC) Key Signing Key (KSK) Rollover. The recent KSK Rollover that took place on the 11th October 2018. The KSK Rollover has been successful and congratulations are in order. The Root Zone DNSSEC Key Signing Key "KSK" is the top most cryptographic key in the DNSSEC hierarchy. The KSK is a cryptographic public-private key pair. more

DNSSEC and DNS over TLS

Aug 20, 2018

The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more

Russian Hackers Have Penetrated U.S. Electric Utilities

Jul 24, 2018

U.S. federal government officials have revealed Russian hackers have been able to gain access to the networks of electric utilities in the country, according to a report by The Wall Street Journal. more

Google Engineer Ben McIlwain on Why HSTS Could Be a Perfect Fit for .Brands Security

Jun 19, 2018

The Google-run .app TLD was always destined to draw attention and scrutiny, from the moment it fetched a then-record ICANN auction price of $25 million. Since it reached General Availability in May it has gained more than 250,000 registrations making it one of the world's most successful TLDs. However perhaps more interesting was Google's choice to add the .app TLD and its widely used .google extension to the HTTP Strict Transport Security (HSTS) Top-Level Domain preload list, offering an unprecedented level of security for all domains under .google and .app. more

DNS Firewall Market Expected to Grow From $90.5 Million in 2018 to $169.7 Million by 2023

May 31, 2018

DNS firewall market size is expected to grow from USD 90.5 million in 2018 to USD 169.7 million by 2023, at a Compound Annual Growth Rate (CAGR) of 13.4% according to a market research conducted by MarketsandMarkets. more

Is Blockchain Causing More Cybersecurity Attacks in the Financial Industry?

Apr 16, 2018

There's a lot of misunderstanding about blockchain. A recent study by HSBC, for example, found that 59 percent of customers around the world had never heard of it. Yet, while that alone is quite telling, it's probably more alarming to consider the fact that very same poll revealed that 80 percent of people who had hard of blockchain did not understand what it is. This level of confusion isn't confined to the general population either. more

Russian-Based Kaspersky Lab Planning on Swiss Data Center to Address Russian Exploit Concerns

Mar 21, 2018

Leading Moscow-based anti-virus software provider Kaspersky Lab is planning to open a data center in Switzerland to address Western government concerns that Russia exploits its anti-virus software to spy on customers, according to a report from Reuters on Wednesday. more

1 Terabit DDoS Attacks Become a Reality; Reflecting on Five Years of Reflections

Mar 05, 2018

Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For the past five years, this combination has been irresistible to attackers, and for good reason. This simple capability, of turning small requests into larger, 'amplified' responses, changed the Distributed Denial of Service (DDoS) attack landscape dramatically. more

1.3 Tbps DDoS Attack Against GitHub is Largest Attack Seen to Date, Says Akamai

Mar 02, 2018

According to Akamai, the incident was the largest attack seen to date, "more than twice the size of the September 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed." more

‘First True’ Native IPv6 DDoS Attack Reported

Feb 28, 2018

Possibly the first documented native IPv6 DDoS attack reported today suggests a DNS dictionary attack which originated from around 1,900 different native IPv6 hosts, on more than 650 different networks. more

Voluntary Reporting of Cybersecurity Incidents

Dec 05, 2017

One of the problems with trying to secure systems is the lack of knowledge in the community about what has or hasn't worked. I'm on record as calling for an analog to the National Transportation Safety Board: a government agency that investigates major outages and publishes the results. In the current, deregulatory political climate, though, that isn't going to happen. But how about a voluntary system? more

Industry Updates

Unraveling the DNS Connections of ToxicPanda

A DNS Deep Dive into New Crypto Threat “Hidden Risk”

New WhoisXML API White Paper Highlights Registration Trends in Top gTLDs and ccTLDs

A DNS Investigation of the GootLoader Campaign

Silent Night, Deadly Sites: How Christmas Cyber Threats Lurk in the DNS

Exploring the SideWinder APT Group’s DNS Footprint

New WhoisXML API Study Highlights Business Insights from ASN and ISP Data

A DNS Deep Dive into FUNULL’s Triad Nexus

Uncovering Potential Black Friday and Thanksgiving Threats with DNS Data

New RomCom Variant Spotted: A Comparative and Expansion Analysis of IoCs

Global Domain Activity Trends Seen in Q3 2024

A DNS Investigation into Mamba, the Latest AitM Phishing Player

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Examining the DNS Underbelly of the Voldemort Campaign

View More