8 matches found
.US Harbors Prolific Malicious Link Shortening Service
The top-level domain for the United States -- .US -- is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as amo...
Why is .US Being Used to Phish So Many of Us?
Domain names ending in ".US" -- the top-level domain for the United States -- are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains...
DNSSEC Key Signing Key Rollover
On October 11, 2018, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the Domain Name System DNS Security Extensions DNSSEC protocol. DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important...
DNSSEC Key Signing Key Rollover
On October 11, 2017, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the domain name system DNS Security Extensions DNSSEC protocol. DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is...
Rapid7 urges NIST and NTIA to promote coordinated disclosure processes
Rapid7 has long been a champion of coordinated vulnerability disclosure and handling processes as they play a critical role in both strengthening risk management practices and protecting security researchers. We not only use coordinated disclosure processes in our own vulnerability disclosure and...
United States set to Hand Over Control of the Internet to ICANN Today
Since the foundation of the Internet, a contract has been handed over to the United States Commerce Department under which the department had given authority to regulate the Internet. After 47 years, this contract ends tonight at midnight EDT i.e. Saturday, October 1st, 2016. If you think that th...
Katie Moussouris on Free ISO 29147
Threatpost Op-Ed is a regular feature where experts contribute essays and commentary on what’s happening in security and privacy. Today’s contributor is Katie Moussouris @k8em0. Today marks an exciting development in the often monotonous rehashing of vulnerability disclosure. The ISO standard tha...
U.S. Government Wades Into Vulnerability Disclosure
Security researchers and software vendors have spent decades trying to work out the process of vulnerability disclosure, with limited success. Now the federal government is joining the fray in hopes of getting the two sides to play nice. The National Telecommunications and Information...