Cybercrime

Cybercrime / Featured Blogs

Domain Name Typosquatter Still Generating Millions

Ever visit cartoonneetwork.com? Adaptac.com? Check the URLs carefully, for these aren't the "real" sites operated by the Cartoon Network cable channel or by Adaptec, manufacturer of PC storage devices. Instead, these domains -- and some 5,000+ others -- were registered by a Mr. John Zuccarini. Read on to learn what he is up to and how he has gotten away with it. more

Domain Name Theft Part II: Did ICANN Leave Foxes Guarding the Chicken COOP?

When it comes to stealing domain names, I suspect that there are two reasons why so many web bandits appear to be immune from ICANN (the Internet Corporation for Assigned Names and Numbers uses the acronym ICANN): the first reason I discussed in my last column on domain name theft (where I described a substantive void in domain name "regulation" as a primary factor for the increasing incidence of domain name theft), the second reason, which is the focus of this column, is the procedural anomaly that currently infuses ICANN's uniform dispute resolution process (UDRP) by providing no administrative forum for domain name registrants who become victims of domain name theft carried out by ICANN's registrars. more

Examining Stuart Lynn's Domain Name Plans - Part I

Last month ICANN began soliciting comments on Stuart Lynn's A Plan for Action Regarding New gTLDs, which will be one of the Internet governance organization's primary discussion topics at its December meeting in Amsterdam. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part I

The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more

Invalid WHOIS Data: Who Is Responsible?

Suppose you wanted to know who operates a website at a given domain name. Perhaps you suspect that the domain name is pointing to a website that offers illegal content, or you may just want to send a comment to its authors. Conveniently, the Internet provides a so-called "WHOIS" system that ordinarily provides contact information for each registered domain. But in the case of many hundreds of thousands of domains, the WHOIS data just isn't accurate.  more

Privacy Matters: Is It Time To Abolish The WHOIS Database?

Recently, I entered my domain name in a "WHOIS" database query to test the results of the database by using WHOIS on a number of domain name registrar websites. WHOIS is a database service that allows Internet users to look up a number of matters associated with domain names, including the full name of the owner of a domain name, the name of the domain name hosting service, the Internet Protocol or I.P. number(s) corresponding to the domain name, as well as personally identifying information on those who have registered domain names. I was astonished to find... more

Domain Name Theft, Fraud And Regulations

When it comes to domain name disputes, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute can grab its share of headlines because the case involves sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case is remarkable for its potential impact on the development of caselaw concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer is no, but the caselaw to support that answer is in tension with cases that strongly imply a contrary conclusion. more

Industry Updates

Could the LGBTQ Community Be a Target of Internet Threat Actors?

Domains Are a Critical Component of Your Enterprise Risk Management

Are There More Properties Connected to the Pareto Botnet?

A Glimpse of Big Telcos' Domains and Subdomains Footprints

Return on Investment: Proving That Protection Pays

Top Music Streaming Services: What's Their Potential Domains & Subdomains Attack Surface?

More from DarkSide? We Ran an Analysis of Additional Identified Artifacts

Internet Threats Go Viral – Companies Must React to Keep Brands Secure

ZeuS, Still Alive and Kicking in the Form of Jabber ZeuS?

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

Given a Malicious Email Address, What Can You Discover with Maltego's WhoisXML API Transforms?

Crypto-Related Domains and Subdomains: What's Underneath the 30K of Them?

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Together for the Good of the Internet: eco Complaints Office Registers More Reports Than Ever Before