Hot Topics:   Cybersecurity    Domain Names    Cybercrime    Internet Governance    Policy & Regulation    Registry Services    Whois   

Featured Blogs

It's Time for a Referendum on Orgxit

Jacob Malthouse The worst thing about Brexit wasn't the referendum. It was the fallout. David Cameron decided that the best way to manage a small risk was to take a big one. Finally, over three agonizing years later, the UK looks set to move on. The Internet Society – which has run the .ORG domain since 2002 – was in the same position as Cameron. They became convinced that it was worth dealing with a small risk by taking a huge one. more

What's Behind the Secure DNS Controversy and What Should You Do About It?

Kieren McCarthy Anyone that has attended a meeting of the Internet Engineering Task Force (IETF) will know that the somewhat dry topic of internet protocols is often the source of passionate disagreement. But rarely does that debate extend beyond the confines of internet engineers. That has not been the case with a new protocol which aims to make the Internet's underlying domain name system more secure by default. more

Internet Reporting Hotlines Are Censoring Art as Child Sexual Abuse

Jeremy Malcolm This week United States Attorney-General William Barr cited the need to address child exploitation as one of the factors motivating a mooted review of law called CDA 230, which provides that Internet companies aren't responsible for what their users say or do online. There are many dimensions to the problem of child exploitation, ranging from inappropriate comments on Instagram photos to child grooming on Fortnite... more

Counting Gigabit Households

Doug Dawson I ran across a website called the Gigabit Monitor that is tracking the population worldwide that has access to gigabit broadband. The website is sponsored by VIAVI Solutions, a manufacturer of network test equipment. The website claims that in the US, over 68.5 million people have access to gigabit broadband or 21% of the population. That number gets sketchy when you look at the details. more

Internet Governance and the Universal Declaration of Human Rights, Part 1: Foundations

Klaus Stoll One could think that the authors of The Universal Declaration of Human Rights (UDHR) -- adopted in 1948 -- had the Internet in mind when they declared in Article 19: "Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers." All human beings are entitled to certain rights, and it makes no difference if they choose to exercise them in a town square or an Internet chatroom. more

The Ghosts of Deletions Future – December 2018 Versus December 2019

In the absence of data on renewals and deletions which are yet to happen, it can be enlightening to compare the domain names from the zone files of a year ago to the domain names in the current zones. The first group is the legacy gTLDs. The "Retained" domain names are those still in the December 2019 zone files. The "Deleted" domain names are those which are no longer in the current zones. Some of the retained domain names may have been reregistered, but these are not renewals charts. more

Unpacking the Framework to Address DNS Abuse

Matt Serlin As the Internet has grown, so too have the abuses that go along with one of the world's most transformative technologies. For all of the positives the Internet brings, negatives like phishing, malware and child exploitation are a reality online. As of December 9, 2019, 48 registrars and registries have signed onto the "Framework to Address Abuse." This initiative was launched last month by a number of domain name registries and registrars, just prior to the ICANN meeting in Montreal. more

Encryption, Our Last Line of Defense

Mohamed EL Bashir Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more

Fake Apps Are a Real Problem

Frederick Felman In the short ten years that they've been around, mobile apps have grown to become a staple of modern digital life. With more than five million apps currently available for download in the major app stores, and with over 2,000 new apps being uploaded every day, mobile apps are big business. Fifty-eight percent of shoppers consistently browse e-commerce apps and 49% of all website traffic now comes directly from mobile app users. All this browsing directly translates into spending. more

Our Digital Illiteracy

Doug Dawson Pew Research Center recently surveyed 4,272 adults and tested their knowledge of basic computer topics. The results showed that there was a lack of general knowledge about a few of the terms that are important for how people use the Internet. For example, the survey showed that only 30% of survey takers knew that website starting with https:// means that the information provided over that site is encrypted. Only 28% of respondents understood the concept of two-factor authentication... more

Fadi's .ORG Fracasso

Greg Thomas The stakeholder community needs to get with the program and assert itself now – if it still can. The recent attempts by the Internet Society (ISOC) to wrap itself in the halo of Jon Postel's "original intent" for .org is specious and laughable. As I've previously published, Postel also didn't like how big the top-level domains were getting and suggested, in 1993, that top-level domains should be capped at 10,000 names and that further zone growth should happen at the second- and third-levels (similar to how the UK has .uk and then .com.uk, for example). more

The Early History of Usenet, Part VII: Usenet Growth and B-News

Steven Bellovin For quite a while, it looked like my prediction – one to two articles per day – was overly optimistic. By summer, there were only four new sites: Reed College, University of Oklahoma (at least, I think that that's what uucp node uok is), vax135, another Bell Labs machine – and, cruciallyy, U.C. Berkeley, which had a uucp connection to Bell Labs Research and was on the ARPANET. more

What to Make of the Inaugural NetThing 2019

Quoc Pham The last Australian Internet Governance Forum (auIGF) was held in October 2016 before the annual event was cancelled as part of an auDA review. Three years on and the auIGF replacement – NetThing – was held in Sydney on 28 October 2019, though I was surprised to see that this Australian Internet event no longer had an associated .au domain name, instead choosing to go with NetThing.info. more

IGF2019 Observation: Compare Chancellor Merkel's Digital Sovereignty with Chinese and U.S. Version

Peixi (Patrick) Xu The 2019 UN IGF is right now being held in Berlin and entering the last day. There has been a wide range of exciting discussions. It is a huge step forward that this year's IGF has been able to bring a plethora of topics together under a framework of thinking after the efforts done by the UN Secretary-General António Guterres' High-Level Panel on Digital Cooperation (The Age of Digital Interdependence) and by German scholars' engagement with all the stakeholders... more

The .ORG Sale Is a Radical Departure That Puts the Internet at Risk

Jacob Malthouse It can be hard to take a side. Especially when you are with a big organization. I know, I used to work for the United Nations and ICANN. Neutrality is a huge part of that work. Your role is not to take a stand; it's to create the space for other people to take stands. To create and protect a neutral platform. That's what we all thought the Internet Society (ISOC) was doing for us by running .ORG. more

News Briefs

Fiber Infrastructure in China Has Grown Nine Times Faster Than in the U.S. Since 2013

While developed and developing countries are fully aware of the importance of robust Internet infrastructure in the digital age, none have the same level of ambition that has fueled China's aggressive rollout strategy over the past seven years. more

Internet Society CEO Responds to Concerns Raised Over the .ORG Sale

Internet Society CEO Andrew Sullivan released a statement today in response to the recent concerns raised by the community with regards to the sale of Public Interest Registry (PIR), the .ORG operator, to Ethos Capital. more

We Have Now Run Out of IPv4 Addresses, Says RIPE NCC

The organization responsible for providing global Internet resources, including addresses in Europe, the Middle East and parts of Central Asia has announced that as of today, 25 November 2019, it has run out of IPv4 addresses. more

EFF and 26 Other Organizations Send Letter to Internet Society Urging It to Stop Sale of .ORG

EFF and 26 other organizations, including Wikimedia Foundation, Public Knowledge, National Council of Nonprofits, YWCA and YMCA, sent a letter today to the Internet Society (ISOC), urging it to stop the sale of the Public Interest Registry (PIR) -- operator of .ORG top-level domain -- to private equity firm Ethos Capital. more

Russia Bans Sale of Smartphones, Computers and Other Devices Not Pre-Installed With Russian Software

Russia has passed a law banning the sale of certain devices such as smartphones, computers and smart televisions if not pre-installed with Russian software. more

Microsoft Announces Plans to Adopt DoH in Windows

Microsoft announced today its plans to adopt DNS over HTTPS (DoH) protocol in Windows and will also keep other options such as DNS over TLS (DoT) on the table for consideration. more

Iran Almost Completely Shuts Off Internet Access Across the Country Amid Protests Over Fuel Prices

Iran has almost entirely shut down internet access across the country amid protests over an increase in fuel prices. more

Internet Commerce Association Calls for ICANN to Withhold Approval of .Org Sale

The Internet Commerce Association (ICA) in an open letter issued today, has asked ICANN to withhold the approval of the assignment of the .ORG top-level domain to the private equity company Ethos Capital. more

Ethos Capital to Acquire .ORG Top-Level Domain

The Internet Society and Public Interest Registry (PIR) have reached an agreement with Ethos Capital, under which Ethos Capital will acquire PIR and all of its assets from the Internet Society. Public Interest Registry (PIR) is the nonprofit corporation that operates the .ORG top-level domain. more

Cybersecurity Workforce Needs to Grow 145% to Close Skills Gap Worldwide, Says New Study

The cybersecurity workforce needs to grow by 145% to close the skills gap and better defend organizations worldwide according to a report released by (ISC)², a nonprofit membership association of certified cybersecurity professionals. more

Colombian Government Releases Action Plan for the Selection of .CO Domain Registry Operator

In light of the approaching expiration of the .CO top-level domain registry operator contract, Columbia's Ministry of Information Technology and Communications (MinTIC) today released an action plan for the .co operator selection process. more

"lo" and Behold

Happy 50th Internet! On October 29, 1969, at 10:30 p.m. Leonard Kleinrock, a professor of computer science at UCLA along with his graduate student Charley Kline sent a transmission from UCLA's computer to another computer at Stanford Research Institute via ARPANET, the precursor to the internet. more

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

EFF's Senior Legislative Counsel, Ernesto Falcon, in a post on Monday has argued that major ISPs in the U.S. -- the likes of Comcast, AT&T;, and Verizon -- are aggressively influencing legislators to stop the deployment of DNS over HTTPS (DoH), "a technology that will give users one of the biggest upgrades to their Internet privacy and security since the proliferation of HTTPS." more

IETF Appoints Its First Executive Director

IETF today announced that Jay Daley is appointed as the first permanent Executive Director of the organization. IETF had 134 applicants for the position since it began the hiring process in May of this year. more

New Zealand's Top-Level Domain Manager Seeking New Registry Service Provider for .nz

The manager for .nz announced today that they have launched a registry replacement process and are calling for expressions of interest from potential service providers by November 29th. more

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community.  more

Germany's New Rules for Developing 5G Mobile Networks Will Not Exclude China's Huawei Technologies

German regulators have released a set of guidelines addressing network security for companies wanting to help build next-generation 5G infrastructure. more

China's App Allows "Superuser" Access to Entire Data of Over 100 Million Android-Based Phones

The Chinese Communist Party's app called Study the Great Nation released in January is reported to have "superuser" access to the entire data of over 100 million Android-based phones via a backdoor. more

China to Require Face Scan for Internet Access and New Phone Numbers Starting December

Chinese citizens will be required to let telecommunications carriers to scan their faces in order to sign up for internet access or to get a new phone number. more

EU Member States Release Report on Coordinated Risk Assessment on Cybersecurity in 5G Networks

European Union Member States published a report on the 'EU coordinated risk assessment on cybersecurity in Fifth Generation (5G) networks'. The report is based on the results of the national cybersecurity risk assessments by all EU Member States. It identifies the main threats and threats actors, the most sensitive assets, the main vulnerabilities, and several strategic risks. more

Most Read – Last 30 Days

Recent Comments

Fadi's .ORG Fracasso
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Why I Voted to Sell .ORG
Doing Our Part for a Safer, Stronger DNS
Domain Enforcement in a Post-GDPR World

Topics

Brand Protection

Sponsored byAppDetex

Domain Names

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Whois

Sponsored byWhoisXML API

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

Industry Updates

Mobile Apps Take the Lead, Scammers Follow

AppDetex Mobile commerce has just reached another landmark milestone. For the first time ever, mobile transactions made up almost $1 of every $3 spent online during the post-Thanksgiving 2019 shopping weekend. more

The High Cost Of Privacy In A Post-GDPR World

AppDetex It has officially been over a year since the European Union's General Data Protection Regulation (GDPR) took effect and in that time, we've come to see both the benefits, and the very serious drawbacks of this program. more

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

WhoisXML API Early this month, the Gekko Group, an AccorHotels subsidiary erroneously uploaded more than 1TB of confidential information on a publicly accessible cloud-based server. This error led to the exposure of tons of data owned by its partner hotels' clients, travel agencies, and customers. more

Neustar Collaborates With auDA to Increase Resilience, Availability and Diversity of the .au Domain

Neustar Neustar announced today that they have commenced working with the .au Domain Administration (auDA) to increase the resilience, availability, and diversity of Australia's .au country code Top-Level Domain (ccTLD) zone, by adding additional DNS name servers. more

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

WhoisXML API An attempted ransomware attack on some Louisiana state servers caused the state's cybersecurity team to shut down their IT systems and websites. Governor John Bel Edwards, however, emphasized that not all of the state's servers were affected. more

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

Threat Intelligence Platform (TIP) For 16 months, PayMyTab, a third-party payment provider, leaked the private data of customers who dined in a U.S. restaurant when it failed to follow a simple yet essential security protocol. more

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

Threat Intelligence Platform (TIP) John Paul Revesz (also known as "Armada"), the Canadian behind the Orcus RAT (a software that been used in various malware attacks), has been charged under Section 342.1 of the Criminal Code on November 8. The specific section is for the unauthorized use of a computer, and at its core, this is what Revesz's Orcus software does. more

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

WhoisXML API On November 11, news about the massive data exposure of the clients of Orvis, a 163-year-old retailer, made headlines. Some of the company's login credentials were posted online... With over 80 retail stores, 10 outlets, and hundreds of independent dealers worldwide, we believe potential attackers could get their hands on millions of customer data. more

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

Threat Intelligence Platform (TIP) What was supposed to be an exciting week after the launch of Disney+, a subscription-based video-on-demand (VOD) streaming service of Walt Disney Company, turned into a nightmare for thousands of users. more

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Threat Intelligence Platform (TIP) Highly publicized ransomware attacks are never short of golden nuggets of wisdom for the cybersecurity industry. They first teach us that attackers control the rules of the game once infiltration is complete. Second, large enterprises that use cloud-based technologies to store sensitive financial information continue to be at risk. more

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

Threat Intelligence Platform (TIP) NordVPN admitted last month that its data center located in Finland was hacked on March 5, 2018. While the virtual private network (VPN) service provider claimed it learned of the incident as early as April 13, 2019, it only confirmed the compromise last month after reports that its expired Transport Layer Security (TLS) certificate and its private key were leaked. more

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

Threat Intelligence Platform (TIP) Major healthcare providers suffer a lot from breaches, both from a legal and financial standpoint. Aside from patient lawsuits, they also face severe penalties imposed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). more

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

Threat Intelligence Platform (TIP) The most common method by which PoS malware infects hosts is through insider threats and phishing. A knowledgeable employee may install the malware on card-reading machines or retrieve higher-ups' access credentials by guessing username-and-password combinations. more

Investigating Domain Abuse Complaints with Brand Monitoring Software

WhoisXML API Cybersquatters can pose severe risks for brands, so it's good news when a company wins against them. Home Box Office, Inc. (HBO) recently won its case in a domain dispute for TrueDetective.com. The titular show has a huge cult following, which explains why someone may want to leverage a domain name around it. more

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

WhoisXML API Earlier this week, a new variant of MegaCortex ransomware was found encrypting files and changing victims' passwords on Windows-based computers. Victims who fail to pay the ransom were as usual threatened that their personal data would be released. How does the attack work? more

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

WhoisXML API On 16 October, Web.com – the world's oldest domain name provider and owner of Network Solutions, NameSecure, and Register.com – disclosed a major breach resulting in the leakage of its customers' personally identifiable information (PII). more

Do Security Service Providers Need Their Own Data Scientists?

WhoisXML API In a world where society is driven by information, data science has gained solid ground over the past years for its ability to separate the wheat from the chaff. Its predictive power is now being explored in the context of cybersecurity. After all, efficient threat protection requires gathering and interpreting the enormous amounts of traffic generated to and from one's network. more

Leading Voices  –  From our corporate sponsors

Shumon Huque Principal Research Scientist at Verisign Labs 1 post viewed 15,551 times
Danny McPherson Executive Vice President and Chief Security Officer at Verisign 12 posts viewed 143,385 times
Janine Goodman Vice President and Co-founder at Avenue4 LLC 6 posts viewed 48,136 times
Chuck Gomes VP of Policy and Compliance, Naming and Directory Services at VeriSign 2 posts viewed 25,302 times
Duane Wessels Distinguished Engineer at Verisign 6 posts viewed 64,569 times
Scott Hollenbeck Senior Director of the Verisign Registry Services Lab 12 posts viewed 140,702 times
Paul Livesay VP and Counsel at Verisign 1 post viewed 12,930 times
Jonathan Robinson Executive Chairman at Afilias 1 post viewed 8,695 times
Dr. Burt Kaliski Jr. Senior VP and Chief Technology Officer at Verisign 20 posts viewed 191,811 times
Marc Lindsey President and Co-founder at Avenue4 LLC 5 posts viewed 36,073 times
Roland LaPlante Senior Vice President and Chief Marketing Officer at Afilias 17 posts viewed 216,919 times
Keith Drazek Vice President, Public Policy & Government Relations at Verisign 2 posts viewed 19,642 times
Ram Mohan Executive Vice President & CTO, Afilias 33 posts viewed 595,869 times
John Kane Vice President of Corporate Services, Afilias 4 posts viewed 55,497 times
Dr. James Galvin Director, Technical Standards at Afilias 3 posts viewed 46,021 times