Threat Intelligence


Threat Intelligence / News Briefs

Phishing Reaching Record Numbers in 2006

The Anti-Phishing Working Group (APWG) is reporting that a record number of legitimate "brands" were hijacked in July 2006. ...They also report to have found 23,670 total phishing websites used to commit identity theft, fraud and other malicious activity in July 2006. This number is second only to the record 28,571 phishing sites found in June 2006, and is nearly double the 14,135 phishing sites found in July 2005.

ICANN Names DNS Security Experts

The Internet Corp for Assigned Names and Numbers yesterday named the 25 domain name system security experts that will be responsible for deciding whether proposed domain registry services could cause internet security and stability problems. The 25 people, who hail from all over the world, would be selected in five-person panels to decide on a case-by-case basis whether services proposed by the likes of .com registry VeriSign Inc or .biz registry NeuStar Inc constitute a problem to the internet.

With Tropical Storm Ernesto Comes the Domain Storm

With tropical storm Ernesto now blowing off the coast of Florida, Internet security experts are warning that fraudsters may be hard at work claiming Ernesto-related Web site domains. On Tuesday, 18 domains related to the storm became live, said Johannes Ullrich, chief research officer at the SANS Institute. They include such names as Ernestoinsurance.com, Ernestomoney.com and Ernestodamage.com.

Data Can Bypass Most Network Security via IPv6

An independent security researcher showed off an early version of a tool for creating covert channels that, he claims, can pass undetected through most firewalls and intrusion detection systems.

[Photo: Joe Klein, network security expert, North American IPv6 Task Force]

The tool, dubbed VoodooNet or v00d00n3t, uses the ability of most computers to encapsulate next-generation network traffic, known as Internet Protocol version 6 (IPv6), inside of today's network communications standard, or IPv4.

China Betting on IPv6 and First Mover Advantage

The United States' reluctance to invest in IPv6 makes it more likely that China will be in a position to gain the first-mover advantage it seeks. ...Liu Dong, president of the Beijing Internet Institute sums it up succinctly: "We think we can develop the killer applications," he says. China plans to show the rest of the world just how advanced its Internet is at the 2008 Olympics in Beijing. CNGI will control the facilities -- everything from security cameras to the lighting and thermostats -- at the Olympic venues, and events will be broadcast live over the Internet. Even the taxis in Beijing's snarled traffic will connect to CNGI via IPv6 sensors so that dispatchers will be able to direct their drivers away from congestion.

OpenDNS Possible Alternative to Spotty DNS Services

Paul Mockapetris, the inventor of DNS and chief scientist at secure DNS provider Nominum, said DNS is like the water of the Internet. In that analogy, OpenDNS is like bottled water. If you use it, you don't have to trust the local water, which may be polluted or diseased, Mockapetris said.

"Of course, you have to trust the OpenDNS folks, and I suspect they are looking forward to showing you advertising. So maybe it is more like Gatorade, and maybe they will fluoridate their DNS and add stuff that will kill your prized fish in the aquarium as well as the phish they are looking for," he said.

Net Security an Oxymoron, Interview with SRI Principal Scientist

At a time when threats to the Internet and other computer networks loom from teenage hackers and terrorists alike, Neumann (pronounced "Noy-muhn") is sounding an alarm that computer security advocates agree has fallen on deaf ears. The trouble, Neumann warns, is that the Internet is populated by computers that were not designed with network security in mind. As a result, security is addressed on a patch-by-patch basis, but an effective solution would require redesigning systems from scratch.

Security Experts Warn VoIP Attacks May Be Just Around the Corner

It's become a familiar pattern in online security. A groundbreaking way to communicate emerges, spreads like wildfire, and then hackers find a way to use it to their advantage. Security companies react--but not before the problem has succeeded in wreaking havoc. It happened with e-mail and is happening now with instant messaging and mobile devices.

The next area that could be targeted: Voice over Internet Protocol, or VoIP, which lets people make low-priced phone calls using the same technology that delivers e-mail. And the results could be just as damaging, if not worse, than with other technologies, some security experts warn.

Email Security an Ongoing Battle, Focus on Manageable Risk Instead

The IT industry will never eradicate security threats to email systems and organizations should take a holistic approach to securing their communication systems to the level where they believe risk is at a manageable state, according to panelists at this week's Inbox email conference in San Jose...

At a packed panel session on email accreditation and reputation, the panelists told audience members that reputation services have taken off rapidly. These services profile the sender's behavior to determine the likelihood that a message is legitimate or spam. The sender's reputation is determined based on multiple criteria then assigned to categories, or lists.

Antispam Effort Backfires Forcing Company to Shut Down

Anti-spam firm Blue Security is to scrap its spam-fighting effort after deciding its escalating conflict with a renegade spammer was placing the internet as a whole in jeopardy.

Blue Security established a 'Do Not Intrude Registry' (akin to the Do Not Call Registry for telemarketing) with around 450,000 members. Participants downloaded a small tool, called Blue Frog, which systematically floods the websites of spammers with opt-out messages. Depending on your point of view, this initiative can either be viewed as community action or vigilantism.

Storing VoIP Conversation along with Email as Next Regulation

IT chiefs have been warned to prepare for the possibility of new corporate governance rules that would require them to keep records of voice-over-IP (VoIP) conversations alongside email, instant messaging and other forms of communication.

Speaking at the Symantec user event in San Francisco last week, Jeremy Burton, a senior vice-president at the security specialist, said, "Financial institutions in the US already need to keep voicemail because it is stored on disk. As soon as the regulators figure out that VoIP is a digital stream, they will probably try to force that to be kept as well."

Security Professionals at Major Financial Institutions Shunning VoIP

Internet telephony is still not mature enough a platform to support business communications, according to senior security professionals.

In a debate at the Infosecurity conference in London last Wednesday, an audience of security and IT pros voted that Voice over Internet Protocol (VoIP) wasn't able to support mission critical communications at the moment. Banking security professionals argued that the expense of implementing current VoIP solutions coupled with the risk of security holes and network downtime did not make IP telephony an attractive business proposition.

Class-Action Lawsuit Filed Against Yahoo for Typosquatting

A class-action lawsuit [PDF] filed Monday against Yahoo! Inc. and a group of unnamed third-parties accuses the company of engaging in "syndication fraud" against advertisers who pay Yahoo to display their ads on search results and on the Web pages of partner Web sites. The suit claims that Yahoo displayed these advertisers' online ads via spyware and adware products and on so-called "typosquatter" Web sites that capitalize on misspellings of popular trademarks or company names.

Potentially more explosive is the plaintiff's claim that Yahoo regularly uses its relationship with adware and typosquatting sites to gin up extra revenue around earnings time, alleging that the company is conspiring to boost revenue by partnering with some of the Internet's seamier characters.

VoIP Used in New Phishing Scam

Small businesses and consumers aren't the only ones enjoying the cost savings of switching to VoIP. According to messaging-security company Cloudmark, phishers have begun using the technology to steal personal and financial information over the phone.

Earlier this month, Cloudmark trapped an email phishing attack in its security filters that appeared to come from a small bank in a big city and directed recipients to verify their account information by dialing the included number. (The Cloudmark user who received the email and alerted the company knew it was a phishing scam, because he's not a customer at this bank.)

Internet Domain Names as Ubiquitous as Social Security Numbers

Jim Croce's famous song "I got A Name" may one day need to be changed to "I got A Domain" if current Internet growth rates remain the same. Today there are over 70 million registered Internet domain names across the globe, according to Dotster, Inc., a leading provider of Internet domain name and hosting services...

"While more and more businesses are taking advantage of the innovation and power offered by the Internet by registering domains, an equal number of individual users are registering for domain names as well. In fact, with the Internet becoming such a ubiquitous part of everyday life and commerce, one can imagine a day when every individual and every corporation will have a domain name just as they do a social security number or corporate tax ID," says Kevin Kilroy, Chairman, Dotster, Inc.
