Cybercrime

Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Reverse WHOIS: A Powerful Process in Cybersecurity

Cybercrime / Most Commented

CENTR Statement on IDN Homograph Attacks

Recently a proof of concept attack was announced on the Internet that demonstrated how a web address could be constructed that looked in some web browsers identical to that of a well known website. This technique could be used to trick a user into going to a website that they did not plan on visiting, and possibly provide sensitive information to a third party. As a result of this demonstration, there has been a number of voices calling for web browsers to disable or remove support for IDNs by default. ...CENTR, a group of many of the world's domain registries - representing over 98% of domain registrations worldwide - believes such strong reactions are heavily detrimental... more

Creating a Police State From the Ashes of the Internet

Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more

Survey Predicts Attacks on the Network Infrastructure Within 10 Years

Pew Internet Project has released a report called "The Future of the Internet" based on a recently conducted survey where 1,286 internet experts are said to have looked at the future impact of the internet and assessed predictions about how technology and society will unfold. The following is and excerpt from the report predicting at least one devastating attack will occur in the next 10 years on the networked information infrastructure or the United States power grid. more

Zuccarini To Receive 30 Months in Prison

In a Press Release issued yesterday, February 26, 2004, it has been announced that Zuccarini (background here) will receive 30 months in prison for violating the Truth in Domain Names Act. At least two of the domain names mentioned in the press release, DINSEYLAND.COM and BOBTHEBIULDER.COM appear to have been registered by third parties and are pointing to pages of links... more

New TLDs, Swiftly: This Is No Beauty Contest!

In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more

IP And The Internet: A Growing Need to Police Online Content

The Internet and corresponding online world have radically expanded the landscape Intellectual Property professionals need to investigate when monitoring for possible infringements of their trademarks, brands and other intangible assets. With few barriers to entry, coupled with the ability to operate anonymously, the Internet has rapidly become a significant target for unscrupulous individuals hoping to take advantage of the easily accessible Intellectual Property assets of legitimate businesses. more

Diverting Traffic On The Web: Trademarks And The First Amendment

What's at the heart of cybersquatting may also be at the heart of free speech on the Internet: the diversion of Internet users looking for plaintiff's web site to defendant's web site. Cybersquatters register domain names to accomplish this, while meta-infringers (as we will call them) use HTML code and search engine optimization techniques. Meta-infringers do this by creating keyword density by using competitor's trademarks and permutations thereof in their website in order to rank higher in the search engine results when someone searches on the competitor's trademarks. more

Domain Name Issues In Russia

How are domain names dealt with in Russia? This article discusses current issues related to the registration and assignment of domain names in ".ru" zone (Russian top level country code domain) and trademark protection on Internet. more

If It Walks Like A Duck And Quacks Like A Duck It's Probably A…?

It is time to revisit the old question regarding whether or not a domain name is actually 'property' and what this means to domain name registrants, registrations, ISPs and ICANN itself. What type of rights does a domain name confer? What responsibilities will the act of registering domain names suddenly bestow? more

With No Privacy Standards Who Knows Who Is Abusing The Whois Database

John Banks is a loan officer in New York. John's supervisor recently warned John about the potential number of bad loans he may be carrying as part of his portfolio. To dump some of the bad loans he might be carrying, John came up with a scheme. He pointed his web browser to www.whois.org and entered terms denoting disease or poor health such as 'cancer' and 'illness'. This query on the Internet's WHOIS database reported results of names and addresses of domain name owners who had developed websites devoted to providing information on certain serious illnesses. John compared these names and addresses with those in his portfolio of loans. For the matches, he canceled the loans and required immediate payment-in-full. more

Trend Towards Liberalization Of Country Domain Names: Enters .CN

On Monday 17 March, domain name registrations under the new Chinese Internet address, .cn, were available for the first time to registrants both inside and outside of China. As China's equivalent of .uk, or .us, the .cn domain space will be the Internet address of choice for Chinese consumers and for corporations interested in operating in one of the largest Internet markets. more

Exposing A Famous Secret: Well-known Trademarks Are Not Easily Diluted

Regarding a domain name dispute involving famous authors, the novelist, Louis Sachar, observed that "if some unrelated person is going to co-opt my name in cyberspace, and fails to use it to identify a web site related to my books or myself, that's going to endanger my career, as well as my reputation." Louis Sachar is one of nine famous authors for whom the Authors Guild, recently successfully snatched personal name domain names from a United Kingdom domain name registrant known as Old Barn Studios... more

Examining Stuart Lynn's Domain Name Plans - Part I

Last month ICANN began soliciting comments on Stuart Lynn's A Plan for Action Regarding New gTLDs, which will be one of the Internet governance organization's primary discussion topics at its December meeting in Amsterdam. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part I

The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more

Industry Updates

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

Mobile Apps and Malware: Shielding Your Brand from Unseen Cyber Threats

Being Cybersecure Is Not Enough, Become Cyber-Resilient Instead

Can Security Analytics Combat Digital Fraud with IP and Domain Name Monitoring?

Alleviating the Constant Clash Between DevSecOps and DevOps Teams

Moving from the Castle-and-Moat to the Zero-Trust Model

Why IT Security and DevOps Teams Are Often at Odds