Privacy or Accountability: What the Redaction of WHOIS Data Means for Cybersecurity
WHOIS data has usually been the starting point for security professionals, incident responders, and forensic investigators when a suspected cyber attack takes place. WHOIS registrant, administrative, and technical details are deemed reliable by investigators, as using fake registrant credentials when purchasing a domain is a violation of the Internet Corporation for Assigned Names and Numbers (ICANN) terms of service.
By making it a requirement for domain owners to provide their email address and other personal details and making them publicly accessible, the ICANN has somehow given them the accountability to use their websites ethically and legally. While this policy has neither eradicated nor even prevented cybercrime completely, it does provide a valuable resource for forensic investigation and threat prevention.
As such, these publicly available records have been used to trace sources of malware, detect and investigate fraud, as well as tracking down cyber attackers.
A registrant’s email address, for instance, allows investigators to directly contact the owner of a domain without having to go through other channels. Email addresses are also a handy resource for domain disputes and complaints about copyright infringement, among other things. WHOIS data, in its totality, is an abundant reservoir that aids organizations in strengthening their cybersecurity posture.Read more
Can Domain Intelligence Help Healthcare Service Providers Combat Data Breaches?
Hospitals and other healthcare service providers have been among criminals’ favorite breach targets in the past few years. One of what has been dubbed the biggest data breaches of the 21st century involved a healthcare insurance giant — Anthem.
The Anthem breach reported in February 2015 was said to have exposed around 78.8 million customer records. This incident put the personal data of the insurer’s clients at risk of theft. The question is: could Anthem have prevented the breach? This downloadable white paper will take a look at the case in greater detail and illustrate how Domain Research Suite can help.Read more
How Domain Data Can Help Law Enforcement Agencies Nab a Cybercriminal Gang Mastermind: The Business Club Case
It’s no secret that Cybercriminal operations are not very different from how legitimate businesses operate. Much like a CEO heads a global corporation, a mastermind may stand behind the most notorious and widespread cybercriminal gang.
In the early 2000s, the most prominent cybercriminal rings had a mafia-like structure as they were led by the so-called “dons”. Each don had a right-hand man known as a “consiglieri,” who made sure the wheels of the operation kept turning.
The very first cybercriminal gangs that gained notoriety for reaping millions of dollars from victims the world over while evading capture for years include CarderPlanet, Shadowcrew, and the RBS WorldPay Gang. Times may have changed, and the rings’ structure, tools, tactics, and targets may no longer follow those of the old crews, but cybercriminal attacks continue to linger on. Though we still see reports on the misdeeds of individual threat actors today, cybercriminal rings continue to wreak greater havoc due to the scale of their operations — the case in point: The Business Club.Read more
Online Brand Protection: Fighting Domain Name Typosquatting,
Website Spoofing, and Phishing
They say that becoming a cybercrime victim is, in this day and age, a matter of “when” and not “if.” But that doesn’t mean you should let fate determine your company’s future. Focus instead on enhancing your business’s security posture by protecting your brand from all sorts of online threats. A great means to safeguard your digital assets is through Brand Monitor — a specialized online brand protection component of the WhoisXML API Domain Research Suite.
This white paper will tell you how Brand Monitor can help your company combat specific cyber threats like domain name typosquatting, website spoofing, and phishing.Read more
Domain Name System Primer
In this white paper, we give an overview of the Domain Name System, or DNS, one of the pillars of the Internet. We start by understanding the goal: to assign names to named resources on the Internet and to maintain their database. For this, it is important to understand the structure of domain names and DNS zones. The roles of the actors in the system are domain maintainers, registries and Network Information Centers. The structure of delegation of authority will also be clarified. We give an overview of the structure of data available in the DNS, notably, the resource records (RRs) occurring in zone files. We also review the technology side: the DNS protocol, its operations supporting queries of name resolution, zone file transfers necessary to maintain the system and for reverse mapping. We briefly mention the most popular implementations, notably, BIND, which may be the most prevalent DNS server software. This necessitates a little insight into netblocks and Classless Inter-Domain Routing (CIDR). We address the internal security issues of the DNS as well as the crucial role it plays in cybersecurity. Finally, we provide some references for further reading.Read more
The IP Geolocation API Guide: Why Tracking Web Users’ Whereabouts Matters
Where are our customers? This is one of the questions businesses keep asking because when they know the answer, it is easier to plan out strategic and tactical operations — e.g., reaching out to target audiences, setting up offices and stores, promoting new products, and gaining momentum.
Location is also a crucial element of interacting with clients, and it should not only be taken into consideration by brick-and-mortar organizations but also by online stores whose buyers are scattered all over the Web.
So how can businesses get their hands on such critical information? That’s simple: They can leverage the power behind the IP addresses of their customers with IP geolocation, a technology that enables organizations to obtain location-based data quickly and, as a result, find out where their consumers are.
In this whitepaper, let’s see how employing IP Geolocation API can benefit companies and what its most prominent use cases across industries are.Read more
WHOIS Database Download:
13 Business, Cybersecurity, and other Applications Explored
The Web is a tangle of information. Data is everywhere and finding reliable sources can be a challenge in the era of fake news. Websites, as a prime example, can be informative, misleading, or even dangerous.
You may get your hands on something useful or be deceived into clicking on the wrong links or downloading unintended files... and learning more about domain owners and assessing whether they’re trustworthy or with a hidden or malicious agenda is notoriously hard.
This is where the powers of WHOIS database download services come in, whose applications are multiple — ranging from cybersecurity to marketing research to criminal investigation to ensuring a top position in search engine results. How so? This white paper considers a variety of use cases.Read more
Fight against phishing e-mail with WHOIS:
A technical blog based on the 2018 "Airbnb" case
Phishing is a way to obtain sensitive information by sending electronic communication pretending to have come from a reliable, trustworthy partner. According to the 2018 IBM X-Force Threat Intelligence Index, "Despite the increased use of chat and instant messaging applications, email continues to be one of the most widely used communication methods for any organization, and phishing attacks continue to be one of the most successful means of making unknowing insiders open the door to malicious attackers."Read more
What you should know about WHOIS and Security
If you’ve ever looked at a WHOIS entry, you probably know how much valuable information is contained within the records of just one domain registration. When this information is accurate, it can make getting in touch with other parties on the web a lot easier. In the real world however, accessing consistently accurate WHOIS data is more of a goal than anything else. For every accurate WHOIS record, there are many more inaccurate and sometimes fraudulent records...Read more
Open WHOIS advocates push for U.S. legislation to counter GDPR
The domain information lookup service WHOIS publishes data about the owners of websites around the world. WHOIS also contains personal information of the European Union (EU) citizens. Further, the database maintains location and infrastructure information of cybercriminals who set up websites with malicious intent...Read more
Cyber Security Investigation and Analysis
The Internet is not just the hotspot of all things digital and technical. Largely due to its ubiquity and countless (and frequently anonymous) points of entry, the web has given rise to a new breed of outlaw – cybercriminals who prey on the wealth of valuable information available online...Read more
GDPR’s Chilling Effect on Cybersecurity
The European Union (EU) may unintentionally be giving cyber criminals a helping hand. The EU’s well-intentioned efforts to promote data privacy through its newly launched General Data Protection Regulations (GDPR) have also put handcuffs on the efforts of cybersecurity professionals to protect individuals and organizations from hackers. Unless global Internet authorities and infosec professionals are able to achieve a rapprochement with the EU, black hats may gain unprecedented advantages over white hats. Otherwise, the cybersecurity community will have to develop new approaches to protecting individuals and enterprises against hackers...Read more