Cyberattack

Blogs

78% of Cybersecurity Professionals Expect an Increase in DNS Threats, Yet Have Reservations

A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks. more

Notes from NANOG 81

As the pandemic continues, the network operator community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting... Ethernet, developed in 1973 at Xerox PARC, was a revolutionary step in network architectures in many ways. The common bus architecture imposed several constraints on the network that have echoed through the ensuing four decades in all kinds of ways. more

3 Most Scary Attacks that Leaked Personally Identifiable Information (PII) of Millions of Users

Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more

Clarivate Domain Survey Reveals a 10% Increase in Cyberattacks

Clarivate has once again surveyed global business leaders about the importance of domain names to their organizations, including the role of domains as intellectual property (IP) assets. The 2020 survey followed up on our 2019 survey, revealing key year-over-year trends in how organizations manage, secure and budget for domain names. In this blog, we review key trends from the new report. more

Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more

Protecting an Enterprise from Cyber Catastrophe

We are suffering an epidemic of cyberattacks while in a viral pandemic. This post is for those who have responsibility for assuring that the IT-based services offered by their enterprise can quickly recover in the case of successful cyber-attack or other disaster. University of Vermont Medical Center (UVMMC) is an excellent hospital. I owe my life to treatment there and am grateful for both the skill and the kindness of UVMMC staff. They have been devastated by a cyber-attack. more

Cybersecurity Considerations in the Work-From-Home Era

Verisign is deeply committed to protecting our critical internet infrastructure from potential cybersecurity threats, and to keeping up to date on the changing cyber landscape. Over the years, cybercriminals have grown more sophisticated, adapting to changing business practices and diversifying their approaches in non-traditional ways. We have seen security threats continue to evolve in 2020, as many businesses have shifted to a work from home posture due to the COVID-19 pandemic. more

Authenticated Resolution and Adaptive Resolution: Security and Navigational Enhancements to the DNS

The Domain Name System (DNS) has become the fundamental building block for navigating from names to resources on the internet. DNS has been employed continuously ever since its introduction in 1983, by essentially every internet-connected application and device that wants to interact online. Emerging from an era where interconnection rather than information security was the primary motivation, DNS has gradually improved its security features. more

New CSC Research Finds Significant Lack of Redundancy for Enterprise DNS

As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more

Beware of Abandoned Domain Names in this Turbulent Time and as the Global Economy Changes

The outbreak of COVID-19 has caused worldwide disruption -- for whole nations and their economies. Unfortunately, there will be some side effects for businesses. A number of brands will disappear from the streets and shelves, as businesses that fail to weather the storm will have to fold. Companies that do survive will likely focus more on their core markets, pulling brands out of higher risk, less profitable markets... more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more

Verisign Expands MANRS Relationship to Strengthen Global Routing Security

Verisign has been involved with an initiative known as Mutually Agreed Norms for Routing Security, or MANRS, since its inception. MANRS, which is coordinated by the Internet Society, focuses on strengthening the security and resiliency of IP networks throughout the world by identifying and providing best practices for mitigating common routing security threats. MANRS began as a collaboration among network operators and internet exchange providers, with Verisign formally becoming a participant in its Network Operator Program in 2017. more

The Impact of a Pandemic on Cyberattacks and Business Continuity Plans

A new survey of security and IT leaders by csoonline.com sheds light on how organizations across industries are dealing with the COVID-19 crisis, how prepared they were when the pandemic first hit, how vulnerable they are, and what the long-term impact on companies may be. Unsurprisingly, the survey found there has been an increased number of employees working from home. more

Measuring Abuse: How Much COVID-Related Abuse Is There, Really?

Like measuring COVID's impact, so too measuring the impact of COVID-related abuse on the Internet is difficult, there are those that would foolishly dismiss the danger entirely, others over-state the problem, perhaps to prompt sales of tools and services. The amount and type of abuse varies from network to network, and to declare everything is fine based on one world-view you believe to be ubiquitous, or that the sky is falling based upon another, extrapolated to 'everybody else' is simply poor analysis. more

3 Reasons It's Crucial to Review Your Domain Lock Portfolio Now

Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more

News Briefs

DDoS Attacks Are Surging Both in Frequency and Sophistication

Over 360 Security Experts Around the World From Group to Combat COVID-19 Hackers, Protect Hospitals

U.S. Health Agency Suffers From Cyberattack, COVID-19 Disruptions by Foreign Actors Suspected

Microsoft Takes Legal Action Against North Korean Cybercrime Group, Takes Down 50 Domains

More Than 500 Schools in the U.S. Hit by Ransomware in 2019, Says Report

27 Countries Issue Joint Statement on 'Advancing Responsible State Behavior in Cyberspace'

Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

Ransomware Causes 15 Schools in Arizona To Stay Closed For a Second Day

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

A 60% Rise Reported on Malware Designed to Harvest Consumers' Digital Data, aka Password Stealers

Equifax Announces Comprehensive Consumer Settlement for the 2017 Data Breach

Florida Cities Are Paying Hundreds of Thousands of Dollars in Ransom to Get Their Data Back

State-Sponsored Cyberattack Against Telecom Providers Is Targetting Data on Specific Individuals

US Launches Cyberattack Against Iran’s Military IT Systems

United States Steps Up Digital Incursions Into Russia's Electric Power Grid, According to NYT

Notorious Hacker Group XENOTIME Expands Its Targeting Beyond Oil and Gas to Electric Utility Sector

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

Baltimore Gets Hacked: Main Computer Systems Crippled, Experts Estimate Months to Recover

Most Viewed

Most Commented

Industry Updates

A Look at Recent Attacks on K-12 Distance Learning Providers Using Domain Intelligence

How to Monitor IP Netblocks for Possible Targeted Attacks

Blind Eagle Targeted Attack: Using Threat Intelligence Tools for IoC Analysis and Expansion

QAnon and 8Chan Digital Footprint Analysis and Investigation Expansion

Attack Surface Discovery: A Review of FINRA-lookalike Domain and Linked IoCs

Dark Caracal: Undisclosed Targeted Attack IoCs Can Pose Risks

Business Email Compromise Attacks: The Big Phishing Scam That's Easily Missed

Attack Surface Analysis of 3 Social Media Giants

Attack Surface Monitoring: Two Ways to Detect Phishing Subdomains

Gathering Context Around Emotet, Trickbot, and Dridex C&C Servers with Bulk IP Geolocation

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

Using WHOIS History and Other Intelligence Sources for Establishing Potential Attack Surfaces

Domain Intelligence Shows Cybercriminals May Abuse Video-Conferencing Services' Brand Names

How Cyber Threat Intelligence Feeds Can Support MSSPs

Participants – Random Selection