Cyberattack

Cyberattack / Featured Blogs

Person to Person Security and Privacy Infringement

IT security strategies invariably focus on maintaining impenetrable fortresses around computers and network systems. Firewalls, virtual private networks and anti-virus programs are the tools IT engineers use to create their digital security. Sophisticated defense systems can be very effective at keeping the obvious attackers at bay, yet they often create a false sense of security because the real attacks, the kind that inflict irreparable damage on a system or network, avoid the obvious routes into the secure fortress. more

Internet Management and National Security: Time for a Federal Action Plan

Former CIA Director George Tenet recently gave a speech highlighting the need for federal action on internet management in order to protect national security. As reported by the online edition of Government Executive, Mr. Tenet explained that, "greater government regulation of the Internet and telecommunications networks is needed in order to guard against terrorist attacks." more

Thoughts About "Protection Against BIND"

Imagine my surprise upon reading a BBC article which identified ISC BIND as the top security vulnerability to UNIX systems. At ISC, we have striven for a decade to repair BIND's reputation, and by all accounts we have made great progress. "What could this be about," I wondered, as I scanned the BBC article for more details. It turns out that BBC was merely parroting what it had been told by SANS. OK, let's see what SANS has to say... more

Security by Obscurity?

Ah yes, 'Security by obscurity': "Many people believe that 'security through obscurity' is flawed because... secrets are hard to keep." I'm glad the guys guarding the A Root Servers are up on the latest security trends. Of course, you could hide the A Root Servers at the heart of the Minotaur's maze, but they're still going to be "right over there" in cyberspace, at 198.41.0.29 more

DNS Gets A Formal Coordination System

CircleID recently interview Paul Vixie, Founder & Chairman of Internet Software Consortium (ISC), to discuss ISC's newly formed Operations, Analysis, and Research Center (OARC). OARC is launched in response to DDoS attacks at the Internet's core infrastructure and the vital requirement for a formal coordination system. OARC is also a part of US homeland security initiatives, such as the formation of Information Sharing and Analysis Centers (ISACs).

"Registries and registrars, ccTLD operators, large corporate NOCs, ISPs and ecommerce companies that host many domain names are all likely candidates. This is also a natural for law enforcement groups that are worried about attacks on the Internet." more

Blacklists Down from Fear of DDoS

Yet another DNS blacklist has been taken down out of fear of the DDoS attacks that took down Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a Joe-Job (A Joe-Job is essentially spam designed to look like it's coming from someone else.) earlier this week. Apparently the Joe-Jobing was enough to convince some extremely ignorant mail administrators that Compu.net is spamming and blocked mail from compu.net. Compu.net has also seen the effects of DDoS attacks on other DNS blacklist maintainers. They've decided that the risk to their actual business is too great and they are pulling the plug on their DNS blacklist before they come under the gun by spammers. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part I

The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more

Industry Updates

DNS Hijacking: The Iranian Cybersecurity Threat That May Be Overlooked

Mitigating Phishing Attacks on Cloud/File Storage Services through Domain Reputation API

Mobile Apps Take the Lead, Scammers Follow

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

Alleviating the Constant Clash Between DevSecOps and DevOps Teams

Cloud and IaaS DLP Woes: Is Additional Threat Intelligence a Solution?

Carpet-Bombing Attacks: A Rising Threat to ISPs

How Threat Intelligence Prevents Nameserver Takeovers and Their Far-Reaching Damage

Can Domain Blacklisting Be Avoided?

How to Stay Safe Against DNS-Based Attacks