Threat Intelligence

 Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   12,676

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,940

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   13,243

Threat Intelligence / Most Viewed

Defending Against the Hackers of 1995

Apr 29, 2011

Two factor authentication that uses an uncopyable physical device (such as a cellphone or a security token) as a second factor mitigates most of these threats very effectively. Weaker two factor authentication using digital certificates is a little easier to misuse (as the user can share the certificate with others, or have it copied without them noticing) but still a lot better than a password. Security problems solved, then? more

WikiLeaks Releases CIA Malware Implants Called Assassin and AfterMidnight

May 16, 2017

The recent heavy news coverage of WannaCry has overshadowed the latest WikiLeaks release of critical CIA malware documentation: user manuals for two hacking tools named AfterMidnight and Assassin. more

Researchers Demonstrate Serious Privacy Attacks on 4G and 5G Protocols

Feb 26, 2019

A group of academic researchers have revealed a design weakness in the 4G/5G protocol which can be exploited by an attacker to identify the victim's presence in a particular cell area just from the victim's soft-identity such as phone number and Twitter handle. more

Iran Among Countries Affected by a Cyberattack That Left U.S. Flag on Screens

Apr 09, 2018

A hacking incident over the weekend attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections." more

Airplanes Vulnerable to Hacking, Says U.S. Department of Homeland Security

Nov 15, 2017

Researchers have been able to successfully demonstrate a commercial aircraft can be remotely hacked. more

What’s in Your DNS Query?

Aug 05, 2019

Privacy problems are an area of wide concern for individual users of the Internet -- but what about network operators? Geoff Huston wrote an article earlier this year concerning privacy in DNS and the various attempts to make DNS private on the part of the IETF -- the result can be summarized with this long, but entertaining, quote. more

IoT Botnet Source Code Responsible for Historic Attack Has Been Publicly Released

Oct 03, 2016

The source code for the IoT botnet 'Mirai' has been released," warns security expert Brian Krebs whose own website was targeted with the same botnet resulting in the historically large DDoS attack last month. more

Data Broker Reported to Have Exposed a Database Containing Close to 340 Million Individual Records

Jun 28, 2018

A data broker based in Palm Coast, Florida, is reported to have exposed a database that contained close to 340 million personal records on a publicly accessible server. more

Mobile Malware Growing Exponentially, Limited Capability of Current Security Solutions Big Concern

Nov 16, 2011

Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more

Researchers Detail Faster Methods to Defeat Botnets Like Conficker and Kraken

Aug 08, 2012

Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..." more

How to Place Top-Level Domain Trust Anchors in the Root

May 07, 2010

The project to sign the DNS root zone with DNSSEC took an additional step toward completion yesterday with the last of the "root server" hosts switching to serving signed DNSSEC data. Now every DNS query to a root server can return DNSSEC-signed data, albeit the "deliberately unvalidatable" data prior to the final launch. Another key piece for a working signed root is the acceptance of trust anchors in the form of DS records from top-level domain operators. These trust anchors are used to form the chain of trust from the root zone to the TLD. more

Public Cloud Services in Mature Asia/Pacific Region to Reach $7.4 Billion in 2015

Nov 04, 2015

The public cloud services market in the mature Asia/Pacific (AP) region is on pace to grow 8.7 percent in 2015 to total $7.3 billion, up from $6.7 billion in 2014, according to new research from Gartner. more

US House Hearing Scheduled on Internet Stability, IANA Transition

Apr 01, 2014

The Subcommittee on Communications and Technology has scheduled a hearing for Wednesday, April 2, 2014 on "Ensuring the Security, Stability, Resilience, and Freedom of the Global Internet." more

What is a Security Mechanism?

Sep 13, 2019

Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more

Group Announces Certificate Authority to Encrypt the Entire Web, Lunching in 2015

Nov 18, 2014

EFF, Mozilla, Cisco, Akamai, Identrust, and researchers at the University of Michigan today announced a new certificate authority (CA) initiative called "Let's Encrypt". more

Industry Updates

Uncovering DNS Details on Operation Celestial Force

Global DNS and Domain Activity Trends in Q2 2024

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Looking for More Signs of Nitrogen in the DNS

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

View More