Cybercrime

Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

WHOIS History API: Powering Domain Investigations

Domain Research and Monitoring: Keeping an Eye on the Web for You

Cybercrime / Recently Commented

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more

DNS Hackers Target Domain Registrars

Hackers have launched distributed denial of service attacks against the Domain Name System (DNS) servers of a brace of domain name registrars over recent days. The motive for the separate attacks against VeriSign and Joker.com remains unclear.

VeriSign said the attack on its name servers caused a "brief degradation" in the quality of its service to customers for around 25 minutes on Tuesday afternoon, ComputerWorld reports. Domain registrar Joker.com is recovering from an attack on its name servers last week that lasted for six days up until last Sunday. Joker.com, which is based in Germany, handles the registration of approximately 550,000 domains. more

Cybersquatters Try New Tactics: Soft Squatting

Cybersquatting the domain name of a celebrity and selling it for a king's ransom was one of the great get-rich-quick schemes of the early internet. But since courts now tend to favor the star over the squatter, a new kinder, gentler cybersquatting tactic has emerged.

These days, cybersquatters seek to register a star's domain before that person becomes famous, and then develop a business relationship with the new celebrity, offering website hosting or design work. These so-called soft squatters are registering the domains of hundreds of amateur athletes, musicians and other would-be stars in the hope that one or two of the names will become well-known. more

DNS Servers Do Hackers' Dirty Work

"DNS is now a major vector for DDOS," Dan Kaminsky, a security researcher said, referring to distributed denial-of-service attacks. "The bar has been lowered. People with fewer resources can now launch potentially crippling attacks."

Just as in any DDOS attack, the target system -- which could be a victim's Web server, name server or mail server -- is inundated with a multitude of data coming from multiple systems on the Internet. The goal is to make the target unreachable online by flooding the data connection or by crashing it as it tries to handle the incoming data.  more

Effects of Domain Hijacking Can Linger

Malicious hackers who are able to hijack an organization's Web domain may be able to steal traffic from the legitimate Web site long after the domain has been restored to its owner, according to a recent report.

Design flaws in the way Web browsers and proxy servers store data about Web sites allow malicious hackers to continue directing Web surfers to malicious Web pages for days or even months after the initial domain hijacking. more

New Policy in China Favors Cybersquatters

New regulations will make it more difficult for companies to protect their domain names from cybersquatters in China.

Under the new rules, foreign and local firms will need to prove malicious intent and act quickly to have any hope of retrieving stolen domain names, according to a regulatory official interviewed by Chinese news site Sina. The new rules appear to give a green light to cybersquatters who buy up domain names which are similar to brand names in the hope of selling later for a profit. more

Creating a Police State From the Ashes of the Internet

Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more

Zuccarini To Receive 30 Months in Prison

In a Press Release issued yesterday, February 26, 2004, it has been announced that Zuccarini (background here) will receive 30 months in prison for violating the Truth in Domain Names Act. At least two of the domain names mentioned in the press release, DINSEYLAND.COM and BOBTHEBIULDER.COM appear to have been registered by third parties and are pointing to pages of links... more

New TLDs, Swiftly: This Is No Beauty Contest!

In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more

Diverting Traffic On The Web: Trademarks And The First Amendment

What's at the heart of cybersquatting may also be at the heart of free speech on the Internet: the diversion of Internet users looking for plaintiff's web site to defendant's web site. Cybersquatters register domain names to accomplish this, while meta-infringers (as we will call them) use HTML code and search engine optimization techniques. Meta-infringers do this by creating keyword density by using competitor's trademarks and permutations thereof in their website in order to rank higher in the search engine results when someone searches on the competitor's trademarks. more

Industry Updates

How Domain Reputation API Can Help Detect HTTPS-Protected Phishing Sites

How to Avoid Fake Product Support Pages with WHOIS API's Help

Reverse Domain Hijacking and the Use of WHOIS and Domain Brand Monitoring Tools

Addressing Cybersquatting Dangers Using Brand Alert API and WHOIS Lookup

Fake Airline Ticket Scams: Domain Spoofing and Other Red Flags

Mitigating Phishing Attacks on Cloud/File Storage Services through Domain Reputation API

Reverse Domain Name Hijacking: What It Is and How to Avoid It through a Domain Availability Check

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

Mobile Apps Take the Lead, Scammers Follow

The High Cost Of Privacy In A Post-GDPR World

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information