Risk Management January 9, 2023

DNSChanger and the Global Scope of Cybersecurity

4 min read - In November 2011, the FBI-led Operation Ghost Click raided malicious servers run by the Rove Digital cyber group. This was only after the group had leveraged the DNSChanger Trojan to infect over four million computers and generate over $14 million…

Risk Management July 21, 2022

20 Years Ago in Cybersecurity: Massive DDoS Attack Hits the Roots of the Internet

3 min read - It was considered the “largest ever” internet attack in 2002. This distributed denial of service attack hit seven of the 13 servers at the top of the internet’s domain name system hierarchy. Now, 20 years later, its origins remain mysterious,…

Cloud Security April 6, 2022

NFT Security Risks: Old Scams and New Tricks

4 min read - The non-fungible token (NFT) boom has also led to some serious security incidents. For example, the number of suspicious-looking domain registrations with names of NFT stores increased nearly 300% in March 2021. To participate in an NFT marketplace, you must…

July 14, 2020

Fake DNS Security Upgrade Scam Compromises WordPress Websites

3 min read - In late June, Naked Security received a scam email that pretended to originate from WordPress.com. It leveraged this cover to inform the recipient that their website was eligible to receive security upgrades under the Domain Name System Security Extensions (DNSSEC). The message…

Intelligence & Analytics November 5, 2018

How to Use Passive DNS to Inform Your Incident Response

6 min read - Passive DNS replication can be an essential source of data to contextualize your threat intelligence and inform your incident response plan.

April 11, 2018

Just 1 Percent of Companies Feel Ready to Fend Off Media Security Threats, Survey Reveals

2 min read - According to a recent study, just 1 percent of U.S. media companies reported high levels of confidence in their ability to withstand a variety of media security attacks.

June 29, 2017

Change of Style in Phishing Attacks Creates Fresh Concerns for Big-Name Brands

2 min read - Cybercriminals are changing their tactics when it comes to phishing attacks, shifting their efforts from hacked web servers to malicious domains.

Software Vulnerabilities September 8, 2015

Markdown: Designer Vulnerabilities Get a Fresh CVSS v3 Look

3 min read - The Common Vulnerability Scoring System (CVSS) has been completely redone to more accurately reflect the scope and impact of vulnerabilities.

Malware September 2, 2015

How to Stop a Botnet Created by Angler Exploit Kits

3 min read - The Angler exploit kit has been responsible for the vast majority of botnets created over the past year. Here's how it works and how to stop it.

August 5, 2015

In a BIND: DNS Server Attacks Exploit New Software Flaw

2 min read - New DNS server attacks are exploiting a flaw in the open-source BIND9, and websites at risk for attack need to move quickly to patch the problem.