DNS

Blogs

Ten Years of Passive DNS

The report, "A Decade of Passive DNS," provides a longitudinal analysis of the use and popularity of top-level domains over a ten-year period. The findings are based on what Farsight Security has seen in passive DNS from 2010-2019 based on a ten-year data rollup, excluding DNSSEC-related records. This study allows us to report on four measures for that period for each of the 1,576 IANA-recognized TLDs.

Leaked Documents Reveal Xi Jinping's Communist Chinese Plan to Control the Internet's Root

Yesterday, The Epoch Times reported on leaked internal Chinese government documents revealing that premier Xi Jinping has "personally directed the communist regime to focus its efforts to control the global Internet, displacing the influential role of the United States." Xi's ultimate aim is for the Chinese Communist Party (CCP) to wield "discourse power" over communications and discussions on the global geopolitical stage by controlling content on the Internet.

Trusted Notifiers and the Future of DNS Abuse

Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes.

Is NIST's Recent Letter on o.com a Bureaucratic Coup d'Etat?

Verisign recently informed ICANN that it had received a letter from the National Institute for Standards and Technology (NIST), an agency of the U.S. Department of Commerce, regarding the proposed auction of o.com described in the Second Amendment to the .com Registry Agreement agreed to by ICANN and Verisign in March 2019. This letter, which doesn't appear to be on official letterhead, is from a NIST Grants Officer and purports to overturn a letter raising objections to the auction...

New Research Indicates Nearly 80% of Top US Energy Companies Are at Serious Risk for Cyberattacks

In light of the Biden administration's recent efforts in protecting critical infrastructure from cyber threats, new research from CSC indicates that a majority of the top energy companies in the U.S. are vulnerable to attack due to shortcomings in their online operations. Specifically, these organizations are vulnerable to domain name and domain name system (DNS) hijacking and phishing attacks based on their lack of effective domain security.

The Multistakeholder Moment of Truth: Will Stakeholders Hold ICANN Accountable?

During the two-year period preceding the IANA transition in 2016, there was a near-superhuman effort put forth by the community of stakeholders to design, debate, and deploy an accountability framework for ICANN that would serve to check and balance the coordinator of the global DNS. One of the overriding concerns that stakeholders sought to address was the possibility of ICANN being captured, and it was argued that the global community of stakeholders would serve as a "backstop" that would hold ICANN accountable.

Could Bulk-Registered Typosquatting Domains Be Connected to .ORG DNS Abuse?

Public Interest Registry (PIR) announced the creation of the DNS Abuse Institute about two months ago as it believes that "every .ORG makes the world a better place" and "anything that gets in the way of that is a threat," notably in the form of Domain Name System (DNS) abuse. To show support for the initiative, WhoisXML API analyzed monthly typosquatting data feeds for December 2020, January 2021, and February 2021 to identify .ORG domain trends...

What Are the Connections to Identified Hafnium Malicious IP Addresses?

Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks. With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to?

The Insult and Injury of the U.S. Government's Failure to Enforce ICANN's Contractual Obligation

Someone recently observed that many stakeholders have fallen victim to a "chilling effect" resulting from fear of retaliation by the rich and powerful bullies currently infecting the multistakeholder community, ICANN, and Internet governance. I related to what I was hearing because I've been personally targeted and libelously attacked and it is deeply dismaying enough having to worry about threats to revenue and reputation along with other harmful effects of such thuggery.

An Anti-Competitive .com Fait Accompli?

In a recent article, Is ICANN Staff Misleading the Board Into Violating Obligations to the U.S. Government, I wrote: The referenced Memorandum of Understanding (MOU) is the vehicle by which the U.S. government delegates to ICANN the responsibilities for overseeing the technical management of the Internet's Domain Name System (DNS)... This is important for many reasons, and much remains to be analyzed for additional context that can help expose the rot at the Internet's root.

Is ICANN Staff Misleading the Board Into Violating Contractual Obligations to the U.S. Government?

Recently, I had time to reflect on various matters after the alternator in my vehicle decided that the middle of a mountain pass was the appropriate time and place to go to that great big pick-and-pull scrapyard in the sky while leaving me stranded with no cell signal on the side of the road in the middle of nowhere. Until that point, I had been seriously considering applying to ICANN's Nominating Committee for one of the three open seats on ICANN's Board of Directors.

The Path to Combatting Domain Abuse

Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it's meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact.

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity.

ICANN Must Release the Single-Character .com Hostages from the IANA Impostor's Warehouse

Most of the single-character .com labels were initially registered in 1993 by Dr. Jon Postel while performing work pursuant to a contract with, and funded by, the U.S. government and are currently assigned to a "shell registrar" created and controlled by ICANN. This shell - which is the 376th entry on ICANN's list of accredited registrars - is misleadingly identified as the IANA registrar while being engaged in the illicit warehousing of domain names for speculative purposes.

Is ICANN Running a Racket?

On March 13, 2019, I published an article on CircleID, Portrait of a Single-Character Domain Name, that explored the proposed release and auction of o.com, a single-character .com domain name that was registered in 1993 and assigned to the Internet Assigned Numbers Authority (IANA) by Dr. Jon Postel. Although the National Telecommunications and Information Administration (NTIA) has since raised serious objections...

News Briefs

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

Security Researcher Dan Kaminsky Has Died

PIR Launches New Institute to Combat DNS Abuse

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

A New Privacy-Focused DNS Protocol Released Called Oblivious

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

New Digital Services Act Should Not Disrupt Internet's Technical Operations, Warn RIPE NCC, CENTR

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

The Number Resource Organization (NRO) Issues Inspection Request to ICANN Concerning the .ORG Sale

Microsoft Announces Plans to Adopt DoH in Windows

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

The U.S. House Judiciary Committee Is Investigating Google's Plans to Implement DNS Over HTTPS

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

Mozilla Named "Internet Villain" for Supporting DNS-Over-HTTPS by a UK ISP Association

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

A New Project Called Handshake Wants to Decentralize DNS, Says It's Unlike Previous Attempts

State-Sponsored Attack Is Manipulating DNS Systems of National Security Organizations

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Hidden Botnet C&C on Legitimate Infrastructure? The Case of 000webhostapp[.]com

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

DNS Over HTTPS: Spanish Version of eco Discussion Paper on DoH Available

Come April, Nothing Is Certain Except Phishing and Taxes

Verisign Q4 2020 Domain Name Industry Brief: 366.3 Million Domain Name Registrations in Q4 2020

A Look at Recent Attacks on K-12 Distance Learning Providers Using Domain Intelligence

SolarWinds Cyber Intel Analysis Part 2: A Look at Additional CISA-Published IoCs

Blind Eagle Targeted Attack: Using Threat Intelligence Tools for IoC Analysis and Expansion

Cyber Threat Intel Analysis and Expansion of SolarWinds Identified IoCs

Threat Intel Expansion on Cosmic Lynx BEC Campaign's Recorded IoCs

QAnon and 8Chan Digital Footprint Analysis and Investigation Expansion

Attack Surface Discovery: A Review of FINRA-lookalike Domain and Linked IoCs

A Brief OSINT Analysis of Charming Kitten IoCs

MarkMonitor Releases New gTLD Quarterly Report for Q4 2020
