Why Phishers Love New TLDs Like .shop, .top and .xyz

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains gTLDs -- such as .shop , .top , .xyz -- that attract scammers with rock-bottom prices and no meaningful registration requirements,...

Phish-Friendly Domain Registry “.top” Put on Notice

The Chinese company in charge of handing out domain names ending in ".top" has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of...

GHSA-W4X6-HH3X-WJRX Stale copy of the public suffix list

We have identified that this project contains an out-of-date version of the Public Suffix List https://publicsuffix.org/. We are carrying out research to identify the potential impacts of using old versions of the Public Suffix List, and we intend to publish our results in academic conferences an...

Stale copy of the public suffix list

We have identified that this project contains an out-of-date version of the Public Suffix List https://publicsuffix.org/. We are carrying out research to identify the potential impacts of using old versions of the Public Suffix List, and we intend to publish our results in academic conferences an...

ICANN Launches Service to Help With WHOIS Lookups

More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and...

What's in a name? Strange behaviors at top-level domains creates uncertainty in DNS

Google introduced the new ".zip" Top Level Domain TLD on May 3, 2023, igniting a firestorm of controversy as security organizations warned against the confusion that was certain to occur. When clicking on a name that ends in ".zip" are people intending to open an archive file or an internet URL?...

Unlocking the Secrets of Smooth Domain Transfers: A Step-by-Step Guide

By Owais Sultan Are you looking to switch your web address to another registrar? According to ICANN, you’re free to do… This is a post from HackRead.com Read the original post: Unlocking the Secrets of Smooth Domain Transfers: A Step-by-Step Guide...

unbound security, bug fix, and enhancement update

1.16.2-2 - Require openssl tool for unbound-keygen 2116802 1.16.2-1 - Update to 1.16.2 2087120 1.16.0-3 - Disable ED25519 and ED448 in FIPS mode 2079548 1.16.0-2 - Restart keygen service before every unbound start 2094336 1.16.0-1 - Update to 1.16.0 2087120 1.15.0-1 - Update to 1.15.0 2030608 -...

Edge DNS and the Top-Level Domain Hosting

Akamai Edge DNS offers the scale and functionality to meet ICANN’s intensive requirements for hosting a generic top-level domain gTLD zone in DNS...

Internet Backbone Giant Lumen Shuns .RU

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the worlds Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumens decision comes just days after a similar exit by...

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a...

icann-transfers.info XSS vulnerability

Open Bug Bounty ID: OBB-708131 Description| Value ---|--- Affected Website:| icann-transfers.info Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

Virtuozzo 6 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1679)

"An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

icann-transfers.info XSS vulnerability

Open Bug Bounty ID: OBB-688567 Description| Value ---|--- Affected Website:| icann-transfers.info Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

[SECURITY] [DLA 1542-1] dnsruby update

Package : dnsruby Version : 1.54-2+deb8u1 Debian Bug : 908887 dnsruby is a feature-complete DNSSEC client for Ruby. It ships the DNS Root Key Signing Key KSK, used as trust anchor to validate the authenticity of DNS records. This update includes the latest KSK KSK-2017, that will be used by ICANN...

DNSSEC Key Signing Key Rollover

On October 11, 2018, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the Domain Name System DNS Security Extensions DNSSEC protocol. DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important...

icann-transfers.info XSS vulnerability

Open Bug Bounty ID: OBB-679834 Description| Value ---|--- Affected Website:| icann-transfers.info Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

icann-transfers.info XSS vulnerability

Open Bug Bounty ID: OBB-649305 Description| Value ---|--- Affected Website:| icann-transfers.info Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Bad .Men at .Work. Please Don’t .Click

Web site names ending in new top-level domains TLDs like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online. Not that there still aren't a whole mess of nasty .com, .net and .biz domains out there, b...

ICANN Launches GDPR Lawsuit to Clarify the Future of WHOIS

The WHOIS internet domain directory is at the center of a GDPR-related lawsuit that should clarify at least one of the many unknowns when it comes to achieving compliance with the data-privacy regulation. The suit was filed last week by ICANN, the nonprofit body responsible for administering the...