Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020.
The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down.
The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max.
How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020.
There is a lot of discussion about the Expedited Policy Development Process (EPDP) Phase 2 report on evaluating a System for Standardized Access/Disclosure (SSAD) to non-public gTLD registration data after the decisions taken by the GNSO Council on September 24th. Notably, the Business Constituency (BC) and the Intellectual Property Constituency (IPC) have voted against the adoption of the Final Report of the EPDP team.
ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data.
After two years of grueling, complex and contentious debate, the ICANN EPDP team delivered its Phase 2 Final Report on July 31st, 2020. Unfortunately, and disappointingly, the policy recommended for the so-called "System for Standardized Access/Disclosure" (SSAD) fails to meet the needs of the users it supposedly is designed to benefit.
This isn't the blog post I had hoped to write. When I signed up to participate in ICANN's Expedited Policy Development Process for gTLD Registration Data, I knew we had a lot of work ahead of us, but I was cautiously optimistic that we would, eventually, reach a successful outcome. Today, I find myself looking at things differently. After hundreds of hours and countless meetings and emails, Phase 2 of the EPDP's work has wrapped up with the delivery of our final report to the GNSO Council.
ICANN's founding promise and mandate are optimistic -- ensure a stable and secure internet that benefits the internet community as a whole. Recent months, however, have highlighted the uncomfortable truth that ICANN's and the industry's approach to DNS abuse is actually moving backward, ignoring growing problems, abdicating on important policy issues, and making excuses for not acting. Further, the impending failure of ICANN's new WHOIS policy to address cybersecurity concerns will add fuel to the fire, resulting in accelerating DNS abuse that harms internet users across the globe.
There is an ongoing disagreement among various members and groups in the ICANN community regarding automation -- namely, whether and to what extent automation can be used to disclose registrant data in response to legitimate data disclosure requests. A major contributing factor to the complications around automation has been confusion about how to interpret and apply Article 22 of the GDPR.
A World-Renowned Source for Internet Developments. Serving Since 2002.