Threat Intelligence

 Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   13,431

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   14,077

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   14,728

Threat Intelligence / News Briefs

Frequency of DDoS Attacks Risen by 40% While Duration of Attacks Decrease

Sep 12, 2018

The frequency of DDoS attacks has risen by 40% year on year while the duration of attacks decreased with 77% lasting ten minutes or less, according to a new report released by Corero Network Security.

Iranian Influence Operation Worldwide Significantly Larger Than Previously Identified

Aug 29, 2018

An apparent Iranian influence operation targeting internet users worldwide is reported as significantly larger than previously identified, Reuters reports.

ICANN Facing Critical Choice for Plan to Change DNS Cryptographic Key

Aug 24, 2018

While the majority of ICANN's Security and Stability Advisory Committee (SSAC) have given the organization the green signal to roll, or change, the "top" pair of cryptographic keys used in the DNSSEC protocol, commonly known as the Root Zone KSK (Key Signing Key), five members of the committee advised against the October 11 rollover timeline.

Large-Scale Study by Security Researchers in China Sheds Light on the Scope of DNS Interception

Aug 23, 2018

During the 27th Usenix Security Symposium held in Baltimore, MD last week, a group of researchers from China revealed results obtained from a large-scale analysis DNS interceptions.

Trump Relaxes U.S. Regulation to Launch Cyberattacks

Aug 16, 2018

President Donald Trump has reversed an Obama-era policy that set limits on how the United States deploys cyberattacks.

IETF Releases the New and Improved Internet Security Protocol, TLS 1.3

Aug 13, 2018

Internet Engineering Task Force (IETF) has announced the official release of TLS 1.3.

Google Credits USB-Based Security Keys for Successfully Protecting Its 85000 Employees from Phishing

Jul 25, 2018

According to multiple sources, Google this week reported that since early 2017, it has not had any of its 85,000 plus employees phished on their work accounts.

Russian Hackers Have Penetrated U.S. Electric Utilities

Jul 24, 2018

U.S. federal government officials have revealed Russian hackers have been able to gain access to the networks of electric utilities in the country, according to a report by The Wall Street Journal.

Anti-Phishing Working Group Proposes Use of Secure Hashing to Address GDPR-Whois Debacle

Jul 10, 2018

The AntiPhishing Working Group (APWG) in a letter to ICANN has expressed concern that the redaction of the WHOIS data as defined by GDPR for all domains is "over-prescriptive".

Doug Madory Reports on Shutting Down the BGP Hijack Factory

Jul 10, 2018

A lengthy email to the NANOG mailing list last month concerning suspicious routing activities of a company called Bitcanal initiated a concerted effort to kick a bad actor off the Internet.

Data Broker Reported to Have Exposed a Database Containing Close to 340 Million Individual Records

Jun 28, 2018

A data broker based in Palm Coast, Florida, is reported to have exposed a database that contained close to 340 million personal records on a publicly accessible server.

ACLU Released Guide for Developers on How to Respond to Government Demands That Compromise Security

Jun 21, 2018

It is not uncommon for government agents to force technology companies to create or install malicious software in products in order to help them with surveillance. The American Civil Liberties Union (ACLU) has released a guide for developers that is intended to help preserve security and customers' privacy.

Internet Society Announces New Partnership with Consumers International

Jun 13, 2018

The Internet Society today announced a new working partnership with Consumers International, the membership organization for consumer groups around the world.

Oracle Launches Internet Intelligence Map Providing Insight Into the Impact of Internet Disruptions

Jun 13, 2018

Oracle today announced the launch of the Internet Intelligence Map website; a source available for free that provides country-level connectivity statistics based on traceroutes, BGP, and DNS query volumes on a single dashboard.

Most Abused TLDs Put Under Spotlight by Spamhaus

Jun 11, 2018

TLDs such as .men and .loan are listed as some of the most abused domains in the world. Spamhaus says some domain name registrars and resellers knowingly sell high volumes of domains to bad actors for profit, and many registries do not do enough to stop or limit this endless supply of domains.

Industry Updates

Global Domain Activity Trends Seen in Q3 2024

A DNS Investigation into Mamba, the Latest AitM Phishing Player

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Examining the DNS Underbelly of the Voldemort Campaign

2024 Domain Intelligence Study of 6 APT Groups Notorious for Targeting Europe

Stripping Down the BlackSuit Ransomware Network Aided by DNS Data

A DNS Deep Dive into the NetSupport RAT Campaign

Tracking the DNS Footprint of the Polyfill Supply Chain Attackers

Study by WhoisXML API Explores IDNs, Native-Language Characters, and Homograph Attacks

The Extended Reach of the Extension Trojan Campaign in the DNS

Inspecting Konfety’s Evil Twin Apps through the DNS Lens

Hunting for U.S. Presidential Election-Related Domain Threats in the DNS

A Closer Look at the Meduza Stealer through a DNS Deep Dive

July 2024: Domain Activity Highlights

View More