Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   10,397

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   10,029

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   11,226

Threat Intelligence / Recently Commented

Phishing: Competing on Security

Last Comment:

The UK today is one of the main attack targets by phishing organized crime groups, globally. Phishing damages will amount to about two billions USD in 2006 worldwide -- not counting risk management measures such as preventative measures, counter-measures, incident response and PR damages. In most cases, phishing is caused by the fault of the users, either by entering the wrong web page, not keeping their computers secure or falling for cheap scams. Often this is due to lack of awareness or ability in the realm of Internet use rather than incompetence by the users... more

DNSSEC Deployment at the Root

Last Comment:

The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more

VoIP Security FUD

Last Comment:

I'm continually amazed by the amount of FUD being spread with regard to VoIP security threats. People...the sky is not falling. VoIP isn't e-mail. It isn't implemented like e-mail, it won't be implemented like e-mail (maybe "it shouldn't be implemented like e-mail" is a more appropriate statement). Following best security practices will ensure at least a level of security equivalent to current TDM systems. Best FUD I've heard this week: VoIP is insecure because you can simply put a bridge on an ethernet line and capture a stream. Hey, has anyone ever heard of alligator clips? more

An Overview of the Concept and Use of Domain-Name Entropy

Last Comment:

In this article, I present an overview of a series of 'proof-of-concept' studies looking at the application of domain-name entropy as a means of clustering together related domain registrations, and serving as an input into potential metrics to determine the likely level of threat which may be posed by a domain. more

Industry Updates

Thawing IcedID Out Through a DNS Analysis

Examining WoofLocker Under the DNS Lens

Decoy Dog, Too Sly to Leave DNS Traces?

RedHotel Attack Infrastructure: A DNS Deep Dive

Finding WyrmSpy and DragonEgg Ties to APT41 in the DNS

DNS Insights behind the JumpCloud Supply Chain Attack

Signs of MuddyWater Developments Found in the DNS

AI Tool Popularity: An Opportunity for Launching Malicious Campaigns?

DNS Revelations on Eevilcorp

WhiteSnake Stealer Serpentines through the DNS

A DNS Deep Dive Into Malware Crypting

BlackCat Hacks Reddit Again, Take a Look at What the DNS Revealed

MOVEit Bug-CLOP Ransomware Threat Vector Identification Aided by DNS Intelligence

Tracing Truebot’s Roots through a DNS Deep Dive

Alleviating the Risks .zip and Similar Domain Extensions Could Pose via DNS Intelligence

View More