Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   13,146

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   12,582

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   13,849

Threat Intelligence / News Briefs

Bruce Schneier: Government and Industry Have Betrayed the Internet, and Us

Sep 06, 2013

Bruce Schneier in an op-ed piece published in the Guardian on Thursday writes: "Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract..." more

Dotless Domains Considered Harmful, Says IAB

Jul 11, 2013

In light of recent controversies around the implementation of dotless domains, the Internet Architecture Board (IAB) has released a statement calling the practice harmful. From the executive summary: "It has come to the attention of the IAB that there are proposals for so-called "dotless" domains in the root zone, and that some existing top-level domains (TLDs) are already operating in such a mode. TLD operators of dotless domains are intending that single label names -- those containing no dots -- resolve to the TLD itself, rather than be resolved locally, within the context of the local site at which the user resides." more

Renowned Security Expert Bruce Schneier Joins EFF Board of Directors

Jun 27, 2013

Schneier's insight is considered particularly important according to EFF, as more and more is learnt "about the unconstitutional surveillance programs from the National Security Agency and the depth and breadth of data the NSA is collecting on the public." more

Google Data on State of Web Security

Jun 25, 2013

As part of its Transparency Report, Google recently released large amount of data related to unsafe websites. Google groups unsafe websites into two main categories: Malware and Phishing sites. more

Arrest Made in Connection to Spamhaus DDoS Case

Apr 29, 2013

According to a press release by the Openbaar Ministerie (the Public Prosecution Office), a dutch man with the initials SK has been arrested in Spain for the DDoS attacks on Spamhaus. more

Massive Spam and Malware Campaign Following Boston Tragedy

Apr 17, 2013

On April 16th at 11:00pm GMT, the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy. The spam messages claim to contain news concerning the Boston Marathon bombing, reports Craig Williams from Cisco. The spam messages contain a link to a site that claims to have videos of explosions from the attack. Simultaneously, links to these sites were posted as comments to various blogs. more

U.S. CERT Issues Alert on DNS Amplification Attacks

Mar 31, 2013

Neil Schwartzman writes to report that U.S. Cert issued Alert TA13-088A on Friday March 29, 2013. "It is a solid how-to guide to test for, and remediate DNS configurations that can be used for Distributed Denial of Service attacks." more

Google Announces DNSSEC Support for Public DNS Service

Mar 19, 2013

Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers." more

ICANN Releases Guideline for Coordinated Vulnerability Disclosure Reporting

Mar 12, 2013

ICANN has released a set of guidelines to explain its Coordinated Vulnerability Disclosure Reporting. The guidelines serve two purposes, says ICANN: "They define the role ICANN will perform in circumstances where vulnerabilities are reported and ICANN determines that the security, stability or resiliency of the DNS is exploited or threatened. The guidelines also explain how a party, described as a reporter, should disclose information on a vulnerability discovered in a system or network operated by ICANN." more

DDoS Attacks on US Banks This Week Peaked at 60 Gbps

Dec 14, 2012

Distributed denial-of-service (DDoS) attacks that targeted U.S. financial institutions this week have reached 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks. more

SANS Develops Small-Scale City to Train Cyber Warriors

Nov 28, 2012

SANS has announced NetWars CyberCity, a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. NetWars CyberCity was developed to teach cyber warriors from the U.S. Military how online actions can have kinetic effects. more

Latest Makadocs Malware Uses Google Drive Viewer As Proxy to Command and Control Server

Nov 19, 2012

Security researchers have found a new variant of the Macadocs malware to be using Google docs as a proxy server and not connecting to a command and control server directly. In a blog post on Friday, Symantec researcher Takashi Katsuki, wrote... more

M3AAWG, London Action Plan Release Best Practices to Address Online and Mobile Threats

Oct 30, 2012

A cooperative international report was released last week outlining Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats. It also provides extensive review of current and emerging threats. "Best Practices to Address Online and Mobile Threats" is a comprehensive assessment of Internet security as it stands today... more

FBI Agent Thomas X. Grasso Receives First J.D. Falk Award for Establishing DNS Changer Working Group

Oct 30, 2012

Convincing competitors, disparate business entities and researchers to collaborate - many donating their services and resources - to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. more

The Tale of Thousands of Hacked Modems in Brazil, Affecting Millions

Oct 02, 2012

Kaspersky Lab Expert, Fabio Assolini, has provided detailed description of an attack which as been underway in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, affecting 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems. more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Looking for More Signs of Nitrogen in the DNS

A DNS Investigation of the Typhoon 2FA Phishing Kit

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

View More