Cybercrime

Blogs

The Importance of Understanding Attacker Target Selection

There's a bit of a debate going on about whether the Kaseya attack exploited a 0-day vulnerability. While that's an interesting question when discussing, say, patch management strategies, I think it's less important to understand attackers' thinking than understand their target selection. In a nutshell, the attackers have outmaneuvered defenders for almost 30 years when it comes to target selection. more

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more

Your Cybersecurity is Only as Strong as Your Weakest Vendor

Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more

Vendor Selection Matters in the Domain Registrar Ecosystem

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company's website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC). more

Trusted Notifiers and the Future of DNS Abuse

Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes. more

What Are the Connections to Identified Hafnium Malicious IP Addresses?

Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks. With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to? more

The Path to Combatting Domain Abuse

Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it's meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact. more

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity. more

The Future of Europe's Fight Against Child Sexual Abuse

Like much of how the Internet is governed, the way we detect and remove child abuse material online began as an ad hoc set of private practices. In 1996, an early online child protection society posted to the Usenet newsgroup alt.binaries.pictures.erotica.children (yes, such a thing really existed) to try to discourage people from posting such "erotica" on the assumption that the Internet couldn't be censored. more

The Netizen's Guide to Reboot the Root (Part II)

The first part of this series explained how Amendment 35 to the NTIA-Verisign cooperative agreement is highly offensive to the public interest. But the reasons for saving the Internet are more fundamental to Western interests than a bad deal made under highly questionable circumstances. One of the world's foremost experts on conducting censorship at scale, the Chinese Communist Party's experience with the Great Firewall... more

Notorious Markets, Scams and Implications for Brands

On January 14, 2021, the Office of the United States Trade Representative (USTR) released its 2020 Review of Notorious Markets for Counterfeiting and Piracy (the Notorious Markets List, or NML). This publication enumerates online and physical markets that have been reported to engage in trademark, counterfeiting, and copyright infringement at scale. For the first time, the NML documents show how internet platforms play a part in bringing illicit goods into the US. more

Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more

What Are the Connected Assets of Confirmed Fake FBI Domains?

Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020. more

97% of All Global 2000 Companies at Risk from SAD DNS Attack

There is a new threat in town known as "SAD DNS" that allows attackers to redirect traffic, putting companies at risk of phishing, data breach, reputation damage, and revenue loss. What is SAD DNS? No, it isn't the domain name system (DNS) feeling moody, but an acronym for a new-found threat -- "Side-channel AttackeD DNS" discovered by researchers that could revive DNS cache poisoning attacks. more

Cybersecurity Considerations in the Work-From-Home Era

Verisign is deeply committed to protecting our critical internet infrastructure from potential cybersecurity threats, and to keeping up to date on the changing cyber landscape. Over the years, cybercriminals have grown more sophisticated, adapting to changing business practices and diversifying their approaches in non-traditional ways. We have seen security threats continue to evolve in 2020, as many businesses have shifted to a work from home posture due to the COVID-19 pandemic. more

News Briefs

Close to Half of US East Coast Fuel Supply Shutdown Due to Ransomware Cyberattack

DDoS Attacks Are Surging Both in Frequency and Sophistication

New Data Reveals Phishing Attacks Are Bigger Than Reported, Exact Size of Problem Unknown

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Trust Has Eroded Within the Cybercriminal Underground Causing a Switch to Ecommerce Platforms

Google Reports 18 Million Daily COVID-19 Related Malware, Phishing Emails Per Day

Over 360 Security Experts Around the World From Group to Combat COVID-19 Hackers, Protect Hospitals

Microsoft Takes Legal Action Against North Korean Cybercrime Group, Takes Down 50 Domains

U.N. Approves Resolution to Combat Cybercrime Despite Opposition From E.U., the U.S. and Others

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

More Than 500 Schools in the U.S. Hit by Ransomware in 2019, Says Report

Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding

281 Arrested Worldwide by US Federal Authorities in Connection With Business Email Compromise Scheme

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

Ransomware Causes 15 Schools in Arizona To Stay Closed For a Second Day

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

By 2021 Cost of Cybercrime to Top Annual Natural Disasters and Global Drug Trade Costs, Says Report

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

A Seattle Woman Charged With Capital One Data Theft Affecting 106 Million People

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Industry Updates

Domains Are a Critical Component of Your Enterprise Risk Management

Are There More Properties Connected to the Pareto Botnet?

A Glimpse of Big Telcos' Domains and Subdomains Footprints

Return on Investment: Proving That Protection Pays

Top Music Streaming Services: What's Their Potential Domains & Subdomains Attack Surface?

More from DarkSide? We Ran an Analysis of Additional Identified Artifacts

Internet Threats Go Viral – Companies Must React to Keep Brands Secure

ZeuS, Still Alive and Kicking in the Form of Jabber ZeuS?

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

Given a Malicious Email Address, What Can You Discover with Maltego's WhoisXML API Transforms?

Crypto-Related Domains and Subdomains: What's Underneath the 30K of Them?

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Together for the Good of the Internet: eco Complaints Office Registers More Reports Than Ever Before

How Reverse IP Lookup API Can Help Detect Connected Domains

Participants – Random Selection