Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   13,152

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,854

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   12,588

Threat Intelligence / Most Commented

Facebook Security Vulnerability Allowed Attackers to Steal User Access Tokens Affecting 50 Million

Sep 28, 2018

Facebook alerted users today that its engineering team on Tuesday had discovered a security issue affecting almost 50 million accounts. more

Security Experts, Privacy Advocates Hopeful Rollout of 5G Can Eliminate Surveillance Vulnerabilities

Sep 28, 2018

Security experts and privacy advocates see the rollout of the new 5G wireless network as a possible solution to eliminate surveillance vulnerabilities that allow spying on nearby phone calls. more

The Security Talent Gap Is Misunderstood and AI Changes It All

Sep 27, 2018

Despite headlines now at least a couple of years old, the InfoSec world is still (largely) playing lip-service to the lack of security talent and the growing skills gap. The community is apt to quote and brandish the dire figures, but unless you're actually a hiring manager striving to fill low to mid-level security positions, you're not feeling the pain -- in fact, there's a high probability many see problem as a net positive in terms of their own employment potential and compensation. more

BGP Security: A Gentle Reminder that Networking is Business

Sep 25, 2018

At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more

The Root KSK Rollover? What Does It Mean for Me?

Sep 24, 2018

In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If however, you are out there focused on your day to day running or managing a DNS infrastructure... more

Lessons Learned from the Namejuice/DROA/DROC Outage

Sep 19, 2018

Last week an ICANN registrar, Namejuice, went off the air for the better part of the day -- disappearing off the internet at approximately 8:30 am, taking all domains delegated to its nameservers with it, and did not come back online until close to 11 pm ET. That was a full business day and more of complete outage for all businesses, domains, websites, and email who were using the Namejuice nameservers -- something many of them were doing. more

Continued Threats from Malware

Sep 17, 2018

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

Current Security Measures Not Enough to Protect Data in Lost or Stolen Laptops, Experts Warn

Sep 13, 2018

A weakness in modern computers allows attackers to steal encryption keys and other sensitive information, according to the latest discovery by cybersecurity firm F-Secure. more

Frequency of DDoS Attacks Risen by 40% While Duration of Attacks Decrease

Sep 12, 2018

The frequency of DDoS attacks has risen by 40% year on year while the duration of attacks decreased with 77% lasting ten minutes or less, according to a new report released by Corero Network Security. more

A Look at the Current State of DNSSEC in the Wild

Sep 06, 2018

The DNS system is, unfortunately, rife with holes like Swiss Cheese; man-in-the-middle attacks can easily negate the operation of TLS and website security. To resolve these problems, the IETF and the DNS community standardized a set of cryptographic extensions to cryptographically sign all DNS records... Now that these standards are in place, how heavily is DNSSEC being used in the wild? How much safer are we from man-in-the-middle attacks against TLS and other transport encryption mechanisms? more

Iranian Influence Operation Worldwide Significantly Larger Than Previously Identified

Aug 29, 2018

An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports. more

ICANN Facing Critical Choice for Plan to Change DNS Cryptographic Key

Aug 24, 2018

While the majority of ICANN's Security and Stability Advisory Committee (SSAC) have given the organization the green signal to roll, or change, the "top" pair of cryptographic keys used in the DNSSEC protocol, commonly known as the Root Zone KSK (Key Signing Key), five members of the committee advised against the October 11 rollover timeline. more

Large-Scale Study by Security Researchers in China Sheds Light on the Scope of DNS Interception

Aug 23, 2018

During the 27th Usenix Security Symposium held in Baltimore, MD last week, a group of researchers from China revealed results obtained from a large-scale analysis DNS interceptions. more

Join the Quantum Internet Hackathon 2018

Aug 22, 2018

The eighth RIPE NCC hackathon takes on the Quantum Internet! The hackathon will be held during the weekend before RIPE 77 in Amsterdam, and is co-organised by QuTech and TU Delft, along with the RIPE NCC. We're bringing together network operators, quantum networking researchers, students, hackers, software developers and artists, to imagine and build the tools for the future Internet. more

Trump Relaxes U.S. Regulation to Launch Cyberattacks

Aug 16, 2018

President Donald Trump has reversed an Obama-era policy that set limits on how the United States deploys cyberattacks. more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Looking for More Signs of Nitrogen in the DNS

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

View More