Blog Post

Protect and Enhance the Subscriber Experience to Grow the Bottom Line

By John Arledge, General Manager

Posted on July 19, 2016 in: Marketing

For service providers undergoing digital transformation, the importance of subscriber and network protection cannot be understated. When subscribers and networks are at risk of attack or infection, a provider’s digital strategy is weakened and business growth limited.

Blog Post

Unlocking Locky

By Mikael Kullberg, Nominum Data Science

Posted on June 2, 2016 in: General, Network, Security

Locky is a new cyberthreat that has received a lot of attention in security circles over the last few months because it has been unusually successful. Locky is advanced ransomware that encrypts a person’s files and holds them for ransom. It uses a number of different technologies to avoid being detected or blocked and takes great care to hide its path back to the attackers. The code is obfuscated to avoid detection by antivirus and malware software. The blackmailers communicate through TOR and only accept Bitcoin as payment, making it nearly impossible to discover who they are.

Blog Post

Ghosts Haunt Internet II: Android Malware

By Hongliang Liu

Posted on September 30, 2015 in: Network, Security

Android fans were probably chuckling over the XcodeGhost malware news – hackers don’t often penetrate Apple’s defenses. This provoked the Nominum Data Science team to take a look at what’s happening with malware targeting Android. Common wisdom is Android is exposed because there’s less rigor in the development and supply chain, and third-party app stores with no protections are popular. Determined hackers can allegedly subvert defenses and get various kinds of exploits placed on mobile devices running the highly popular operating system. But what does the data show?

Blog Post

XCodeGhost Haunts the ‘Net

By Hongliang Liu

Posted on September 23, 2015 in: Network, Security

The DNS offers visibility into many kinds of Internet trends including various security threats. We’ve reported extensively on DNS DDoS and Nominum Data Science also tracks botnet activity. In this case queries for Command and Control (C&C) domains for the recently disclosed XcodeGhost malware were observed in September. Infected development tools were reported to have been used for the popular iOS app WeChat.

Blog Post

Better than Bot Takedowns

By Thomas Orthbandt

Posted on March 3, 2015 in: Network, Security

Europol recently took control of the Ramnit botnet in order to disrupt more than 3.2 million infections around the world. Ramnit is a sophisticated bot that appeared in 2010 and spread quickly. It enables remote access to infected machines and can steal files and credentials. It can also monitor web browsing and even use stolen website cookies to impersonate victims. Internet users are nearly always unaware they have been infected by malware and usually not well equipped to deal with infections even when they are made aware. It is also not realistic to expect all bots will be taken down; in fact, the reverse is true: few bots are.

Blog Post

A Win Win in the Malware Battle

By Thomas Orthbandt

Posted on October 11, 2012 in: Security

Last month Microsoft led an effort to take control of a domain – 3322.org – in order to disrupt more than 500 different strains of malware affecting millions of innocent people around the world. Using a surgical approach implemented with software from Nominum, Microsoft was able to sinkhole traffic to malware subdomains hosted on 3322.org without impacting queries to legitimate subdomains. Numerous articles covered the effort; some of the better ones are below:

Blog Post

A Better Way to Protect Networks and End Users

By Thomas Orthbandt

Posted on December 15, 2011 in: Network, Security

Everyone agrees protecting Internet users from malware and social engineering exploits like phishing is a valuable thing to do. At minimum these attacks are a nuisance because they degrade the Internet experience; worst case, they can be costly and dangerous. But protecting networks and end users is becoming more difficult because attackers are making their exploits more dynamic and thus harder to detect. This is stressing some solutions, like client software, that have been a primary means of protecting end systems.
