Hot Topics:   Domain Names    Cybersecurity    DNS    Brand Protection    Whois    Policy & Regulation    Threat Intelligence   

Blog Posts

Big Cable Co's Touting 10G – Really?

Doug Dawson Earlier this year, at the CES show in January, the big cable companies discussed their vision for the future. They introduced the concept that cable networks would be able to deliver 10-gigabit broadband in the future. They labeled the promotion at the show as 10G. I didn't write about it at the time because I assumed this was a gimmick to give some buzz to this show in the middle of the pandemic. But lately, I've seen that they are still talking about the 10G initiative. more

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

Graeme Bunton It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more

DNS Level Action to Address Abuses: New Tools for DNS Operators and Legislators

Elizabeth Behsudi The ways in which the Internet is embedded in our daily lives are too varied and numerous to catalogue. The Internet delivers information, access to goods, services, education, banking, social interaction and, increasingly, work space. The global pandemic has only heightened our dependence on the online world, which is why efforts to ensure that the Internet remains a trusted and secure environment are more important than ever. more

A Digital Bill of Rights (& Responsibilities), Part 1: Why Do We Need It

Klaus Stoll Using the lingo of Internet Governance, the "stakeholders" of digital technologies currently live in a state of confusion about their rights and responsibilities in the digital age. Digital technologies confront us with many questions we thought had been answered long before. We have a pretty clear understanding of our rights and responsibilities as citizens of our country, how a state should be governed, and how the private sector should conduct its business. more

Privacy, Legal vs. Natural Persons, and the Never-Ending ICANN EPDP

James Bladel It has been just over 3 years since the General Data Protection Regulation (GDPR) came into effect, and the work within ICANN (type "EPDP 2a" into your acronym decoder ring) to develop a permanent Registration Data policy is progressing at a snail's pace. At issue is a proposed mandatory requirement for Contracted Parties (really just Registrars), to differentiate between "legal persons" (a fancy way of saying corporations and similar organizations) and "natural persons" (the kind that eat and breathe and schedule Zoom calls). more

Centrality and the Internet

Geoff Huston The IRTF is a research-oriented part of the larger IETF structure. It has a number of research groups, one of which, DINRG, is looking at decentralized Internet Infrastructure. That's a big topic, and one could certainly look at distributed decentralized blockchain frameworks applied to ledgers, used by Bitcoin and similar, or self-organizing systems that perform orchestration without imposed control or distributed hash tables. more

The U.S. Fiber Expansion Craze

Doug Dawson I've written several times recently in blogs that there is a growing backlog in buying fiber cable. Some of the backlog is due to the general supply chain malaise that seems to be affecting almost everything we buy. During the recent gas shortages in North Carolina, I found out that there is a shortage of truck drivers. Apparently, many truck drivers found something else to do during the pandemic, and now there is a shortage of drivers to deliver the many goods that are shipped by truck. more

Why Is Verisign Ignoring New Revenue?

Greg Thomas Last month saw a much-anticipated decision handed down in the Independent Review Panel (IRP) proceeding examining the controversial 2015 auction for the .web generic top-level domain name registry (gTLD). This decision has been covered by others, including Kevin Murphy's DomainIncite, and has been the subject of unsurprisingly incongruous statements by both Verisign and Afilias, who are both contending for the .web concession privilege. more

The Risk of Descriptive Subdomains: Are We Revealing Too Much?

Jonathan Zhang Subdomains help organizations sort different sections of their websites neatly. Looking at the subdomains of some websites, for example, we usually see subdomains like shop[.]domain[.]com and blog[.]domain[.]com, which help users navigate the sites efficiently. But we couldn't help but notice subdomains that might be revealing a lot about a company's Internet infrastructure and resources. more

Illusory Correlation and Security

Russ White Fear sells. Fear of missing out, fear of being an imposter, fear of crime, fear of injury, fear of sickness ... we can all think of times when people we know (or worse, people in the throes of madness of crowds) have made really bad decisions because they were afraid of something. Bruce Schneier has documented this a number of times. For instance: "it's smart politics to exaggerate terrorist threats" and ... more

New Hair-Like Plastic Polymer Cable Can Transmit Data Ten Times Faster Than Copper

Doug Dawson Scientists and engineers are always looking for ways to speed up and more efficiently configure computing devices to maximize data flow. There are a lot of applications today that require the exchange of huge volumes of data in real-time. MIT scientists have created a hair-like plastic polymer cable that can transmit data ten times faster than copper USB cables. more

Are the Broadband Stats We Are Seeing Somehow Overinflated? What Did the Pandemic Hide?

Doug Dawson The growth of broadband customers has looked spectacular over the past year during the pandemic. It's easy to chalk up higher broadband customers nationwide to the need for households to be connected during the pandemic. But as I look back on what's happened during the last year, I can't help but wonder if the broadband stats we are seeing are somehow overinflated. more

Your Cybersecurity is Only as Strong as Your Weakest Vendor

Sue Watts Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more

10th Registration Operations Workshop (ROW), June 8th, 2021, Online

Marc Blanchet The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 10th ROW will be held online on Tuesday, June 8th, 2021 at 13h00-17h00 UTC. Click to learn more about the discussion topics and registration details. more

IRP Panel Dismisses Afilias' Claims to Reverse .WEB Auction and Award .WEB to Afilias

Kirk Salzmann On Thursday, May 20, a final decision was issued in the Independent Review Process (IRP) brought by Afilias against the Internet Corporation for Assigned Names and Numbers (ICANN), rejecting Afilias' petition to nullify the results of the July 27, 2016 public auction for the .WEB new generic top level domain (gTLD) and to award .WEB to Afilias at a substantially lower, non-competitive price. Nu Dotco, LLC (NDC) submitted the highest bid at the auction and was declared the winner, over Afilias' lower, losing bid. more

News Briefs

Close to Half of US East Coast Fuel Supply Shutdown Due to Ransomware Cyberattack

Colonial Pipeline, which accounts for close to half of the United States East Coast's fuel, has shut down its operations due to a cyberattack. The incident, believed to be the largest successful cyberattack on oil infrastructure in the U.S., was disclosed over the weekend. more

18 Million of the 22 Million Net Neutrality Comments Received by FCC in 2017 Were Fake

A multi-year investigation into 2017 net neutrality rulemaking finds 18 million fake comments were filed with the US Federal Communications Commission (FCC) and half a million fake letters were sent to Congress. more

SpaceX's Starlink Satellite Internet Service Has Received 500K Preorders, Says the Company

SpaceX on Tuesday disclosed that it has received 500,000 preorders for its Starlink satellite internet service and that it anticipates no technical problems meeting the demand. more

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

New Zealand's .nz operator, InternetNZ, on Wednesday disclosed a vulnerability against authoritative DNS servers. The vulnerability called TsuNAME was first detected in February 2020 in the .nz registry and found that it could be exploited to carry out Denial-of-Service (DoS) attacks across the world. more

Government of India Gives the Go-Ahead for 5G Technology and Spectrum Trials, Avoids Chinese Firms

The Department of Telecommunications (DoT), Government of India, approved permissions today to Telecom Service Providers (TSPs) for conducting trials for use and applications of 5G technology. more

Beavers Chewing Through Fiber Cable Cause Hundreds Lose Internet in a Canadian Remote Community

Internet service was down for nearly 900 customers in Tumbler Ridge, British Columbia, over the weekend after beavers chewed through a crucial fiber cable, resulting in "extensive" damage. According to a statement from the area's telecom provider, Telus, the outage also affected some cable TV customers and caused disruptions to local cell phone services. more

Pentagon Gave Control of 175M Dormant IP Addresses to Florida Company Right Before Trump's Departure

The US Department of Defense gave a small unknown Florida company control to millions of its dormant IP addresses, minutes before President Trump left office. According to reports, the unknown Florida company, Global Resource Systems LLC, initially obtained control of 56 million Pentagon-owned IP addresses on January 20 and later increased to near 175 million IP addresses. more

Security Researcher Dan Kaminsky Has Died

The celebrated security researcher, Dan Kaminsky, widely known for his work on discovering cruicisl DNS security flaws, Sony Rootkit infections and pupular talk at the Black Hat Briefings. more

ISPs Saw a 30% Increase in Traffic During the Pandemic, 40% During Peak Business Hours

ISPs in the U.S. saw a significant surge in both downstream and upstream traffic, increasing at least 30% and as much as 40% during peak business hours and as much as 60% in some markets, according to a new report from the Broadband Internet Technical Advisory Group (BITAG).  more

PIR Launches New Institute to Combat DNS Abuse

Public Interest Registry (PIR), the non-profit operator of the .org top-level domain, today launched the DNS Abuse Institute, a centralized effort to combat DNS Abuse. In its news release, PIR said the Institute "will bring together leaders in the anti-abuse space to fund research, publish recommended practices, share data, and provide tools to identify and report DNS Abuse." more

Alphabet to Shut down Loon, its Balloon Based Internet Access Project

Despite several groundbreaking technical achievements over the past nine years, Google's parent company Alphabet has decided to end the Loon project. The company said the road to commercial viability has proven much longer and riskier than hoped.  more

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

The Internet Corporation for Assigned Names and Numbers organization (ICANN org) announced that all of the current 1,195 generic top-level domains (gTLDs) have deployed Domain Name System Security Extensions (DNSSEC). more

Donuts Completes the Acquisition of Afilias

Donuts stated today that it has completed the acquisition of Afilias announced on November 19. Donuts' CEO Akram Atallah says the company is now ready to begin the integration plan promising minimal disruptions to customers. more

The Government of Niue Launches Proceedings With ICANN to Reclaim Its .nu Top-Level Domain

The Government of Niue, a small island 2,400 kilometers northeast of New Zealand, launched proceedings today demanding a "redelegation" of its country code top-level domain, .nu, from the Internet Corporation for Assigned Names and Numbers (ICANN). more

A New Privacy-Focused DNS Protocol Released Called Oblivious

Cloudflare and Apple, along with Fastly, on Tuesday announced a new proposed DNS standard that separates IP addresses from queries preventing an entity from seeing both at the same time. more

Internet Society Extends Its Significant Financial Support Commitment to the IETF

According to an announcement on Monday, the Internet Society has agreed to extend its existing financial commitment to the Internet Engineering Task Force (IETF) for an additional term of six years. more

WIPO Arbitration and Mediation Center Registers Its 50,000th "Cybersquatting" Case

The WIPO Arbitration and Mediation Center on Monday announced it had registered its 50,000th "cybersquatting" case. The 50,000th case just received by WIPO coincides with the organization's 20th anniversary on November 20, 2020. more

DDoS Attacks Are Surging Both in Frequency and Sophistication

Cloudflare's new report warns about the significant increase of DDoS attacks and their level of sophistication. The numbers doubled from Q1 to Q2 and doubled again in Q3, resulting in a four-fold increase compared to the pre-COVID level in the first quarter. more

Donuts to Acquire Afilias

Donuts and Afilias announced today that Donuts is acquiring Afilias in a deal that is expected to close in December 2020 for an undisclosed amount. The combined entities will support over 25 million domain names spanning well over 400 TLDs. The deal will not include certain Afilias businesses, such as the mobile software and registrar businesses, which will remain with Afilias' original group of investors. more

U.S. Military Is Buying Location Data of People Around the World Through Ordinary Apps

The U.S. military is buying the granular movement data of ordinary people worldwide, harvested from innocuous-seeming apps, reports Motherboard. Among the apps connected to this type of data sale is a Muslim prayer and Quran app with more than 98 million downloads worldwide. more

Most Read – Last 30 Days

Recent Comments

The IETF Evolution
Transport vs. Network
Transport vs. Network
Mistrust of ICANN Is Fully Vindicated

Topics

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Domain Management

Sponsored byMarkMonitor

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byAppdetex

IPv4 Markets

Sponsored byIPXO

Industry Updates

Internet Threats Go Viral – Companies Must React to Keep Brands Secure

CSC The year 2020 saw a marked increase in fraudulent domain registrations, phishing attacks, hacks and hijacking attempts, as well as the sale of counterfeit goods. Companies must protect themselves from revenue and reputation losses, as well as the risks of data breaches -- and not just react to the new face of commerce. more

How Can We Alleviate IPv4 Address Exhaustion

IPXO Back in the 1980s, no one would have foreseen that the Internet would grow the way it did and that IPv4 addresses would become a scarce asset. Today, we face a shortage of available IPs and the emergence of a secondary IP address market, proving that IPv4 addresses are sought after and are a valuable commodity. more

ZeuS, Still Alive and Kicking in the Form of Jabber ZeuS?

WhoisXML API ZeuS malware traces its origin as far back as 2006, when it was used to steal victims' online banking credentials. In 2011, its source code was leaked on a file-sharing site and quickly spread throughout various underground fora. more

Leasing vs. Buying IPv4 Addresses

IPXO More than a decade ago, the cost per IP address was around $5, but when IANA allocated the last block of IP addresses in 2011, that soon changed. With the world experiencing a shortage of IPv4 addresses, many companies are now looking for ways to get their hands on IP addresses to continue expanding their businesses. more

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

Threat Intelligence Platform (TIP) A Domain Name System (DNS) blackhole is essentially a DNS server that gives false results for domain names. Also known as a "sinkhole server," an "Internet sinkhole," or a "DNS sinkhole," threat actors sometimes use DNS blackholes to redirect users to potentially harmful sites or pages. more

Verisign Q1 2021 Domain Name Industry Brief: 363.5 Million Domain Name Registrations in Q1 2021

Verisign Today, we released the latest issue of the Domain Name Industry Brief, which shows that the first quarter of 2021 closed with 363.5 million domain name registrations across all top-level domains (TLDs), a decrease of 2.8 million domain name registrations, or 0.8%, compared to the fourth quarter of 2020. Domain name registrations have decreased by 3.3 million, or 0.9%, year over year. more

Using IP Geolocation Data to Support Regulatory Compliance

Ipify Complying with strict data privacy regulations like the General Data Protection Regulation (GDPR) is a must do. Violators can get penalized as much as €10 million or 2% of their annual turnover. This reality makes it critical for organizations, therefore, to employ strict employee, customer, and stakeholder data management policies. more

Why Are Seemingly Intranet Pages Exposed on the Internet?

WhoisXML API Intranets are by definition meant for internal use only -- employee communication, content management, and the like. They are part of the Deep Web where search engines can't index sites, and unauthorized people shouldn't be able to access them. more

Radix's .Tech Domains and Startup Grind Launch pitch.tech Competition for Ideapreneurs

Radix .Tech Domains, the leading new domain extension for the tech ecosystem, recently announced a nationwide pitch competition in partnership with Startup Grind, the world's largest community of startups, founders, innovators, and creators, for idea-stage entrepreneurs to win $10,000 in equity-free funding and over $100,000 in startup benefits. more

Uncovering More Artifacts Related to the Endless Mayfly Disinformation Campaign

WhoisXML API Many reports have released indicators of compromise (IoCs) regarding the Endless Mayfly disinformation campaign. But for those who don't know what it is, Endless Mayfly uses fake social media accounts and media websites to spread false information that has to do with U.S., Israel, and Saudi Arabia relations. more

Given a Malicious Email Address, What Can You Discover with Maltego's WhoisXML API Transforms?

WhoisXML API On any given day, most of us get more emails that we won't read than those that we would. Many of these messages will remain unread and sent to the trash. There comes the third category of emails: Those we wished we hadn't read and acted upon because they are bound to be malicious, sent by cybercriminals trying to lure you into one of their scams. more

Crypto-Related Domains and Subdomains: What's Underneath the 30K of Them?

WhoisXML API Cryptocurrencies keep making waves in the online community, making them prime vehicles of threat actors in scam, phishing, and other malicious campaigns. Fraudsters, for one, have stolen millions of dollars worth of cryptocurrencies from investors through websites that promise rewards, giveaways, and earning opportunities. more

Looking Into the Latest Microsoft Exchange Server Vulnerability Exploitation

WhoisXML API A threat actor reportedly infiltrated the network of and stole data from a financial institution about a month ago by exploiting any of four Microsoft Exchange Server vulnerabilities -- CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, or CVE-2021-27065. While patches for all these have been released, users who have not downloaded and installed these could remain at risk. more

Radix's .Tech Domains Partners with Code.org to Bridge Widening Gender, Race Gap in Computer Science

Radix .Tech Domains, the leading new domain extension for the tech ecosystem, recently announced that it is collaborating with Code.org, a nonprofit dedicated to expanding access to computer science in schools. more

Hidden Botnet C&C on Legitimate Infrastructure? The Case of 000webhostapp[.]com

WhoisXML API Threats can come from anywhere, even from legitimate hosting infrastructure. In fact, many cybercriminals often host their command-and-control (C&C) servers in known hosting providers' networks, sometimes those that offer bulletproof hosting services, to evade detection and consequent blocking. more

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

WhoisXML API Magecart-style attacks have been around for a while and continue to be mentioned in the news in 2021. We found and collected a list of 20 domain names that have been mentioned in the past months on VirusTotal as Magecart indicators of compromise (IoCs). more

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

WhoisXML API Addressing Domain Name System (DNS) abuse has been a priority of the Internet Corporation for Assigned Names and Numbers (ICANN), notably since March 2020. During its 70th conference, the organization's members talked about creating a web page defining DNS abuse-related terms, which should be updated over time, to help users report cases. more

Leading Voices  –  From our corporate sponsors

Scott Hollenbeck Senior Director of the Verisign Registry Services Lab 12 posts viewed 153,898 times
Janine Goodman Vice President and Co-founder at Avenue4 LLC 6 posts viewed 58,862 times
Dr. Burt Kaliski Jr. Senior VP and Chief Technology Officer at Verisign 29 posts viewed 269,142 times
Keith Drazek Vice President of Public Policy and Government Relations at Verisign 2 posts viewed 21,300 times
Chuck Gomes VP of Policy and Compliance, Naming and Directory Services at VeriSign 2 posts viewed 26,946 times
Roland LaPlante Senior Vice President and Chief Marketing Officer at Afilias 17 posts viewed 234,202 times
Ram Mohan Chief Operating Officer at Afilias 36 posts viewed 663,182 times
John Kane Vice President of Corporate Services, Afilias 4 posts viewed 59,133 times
Jonathan Robinson Executive Chairman at Afilias 1 post viewed 9,636 times
Danny McPherson Executive Vice President and Chief Security Officer at Verisign 12 posts viewed 152,990 times
Dr. James Galvin Director, Technical Standards and Strategic Relationships at Afilias 4 posts viewed 58,321 times
Duane Wessels Distinguished Engineer at Verisign 6 posts viewed 71,218 times
Paul Livesay VP and Counsel at Verisign 1 post viewed 15,110 times
Marc Lindsey President and Co-founder at Avenue4 LLC 4 posts viewed 41,785 times
Shumon Huque Principal Research Scientist at Verisign Labs 1 post viewed 17,475 times