Blog Post

What CSPs Can Learn from the Latest DDoS Attacks

By Craig Sprosts, Vice President, Product Management & Strategy

Posted on October 24, 2016 in: General, Security

On Friday, October 21, 2016, a major distributed denial of service (DDoS) attack took down the websites of major U.S. companies, including Twitter, PayPal, The New York Times, Box, Netflix and more. The attack targeted managed DNS provider Dyn Inc., which hosts the authoritative DNS for these popular domains. The attack originated from a large number of compromised IoT devices, including internet-connected cameras, routers and digital video recorders.

Blog Post

Examining the Long-Tail of DNS Queries: A Hotbed of Cybercriminal Activity

By Yuriy Yuzifovich, Head of Data Science and Security

Posted on October 11, 2016 in: General, Security

Data scientists work tirelessly to track cybercriminals, from specific individuals to entire organizations, looking at their behavior and the methods through which they attempt to compromise data. Because DNS is a ubiquitous protocol that’s used for most internet interactions, it also provides fertile ground for cybercriminals to launch malware. Nominum Data Science examines massive volumes of DNS data (100 billion queries daily) to detect anomalies and uncover the patterns of malicious code authors before other security experts do.

Blog Post

Unlocking Locky

By Mikael Kullberg, Nominum Data Science

Posted on June 2, 2016 in: General, Network, Security

Locky is a new cyberthreat that has received a lot of attention in security circles over the last few months because it has been unusually successful. Locky is advanced ransomware that encrypts a person’s files and holds them for ransom. It uses a number of different technologies to avoid being detected or blocked and takes great care to hide its path back to the attackers. The code is obfuscated to avoid detection by antivirus and anti-malware software. The blackmailers communicate through Tor and only accept Bitcoin as payment, making it nearly impossible to discover who they are.
