Tag: domain | SpinSafe

Massive ransomware attack on state email domain

September 10, 2023/in Internet Security

COLOMBO (News 1st) – The Information and Communication Technology Agency of Sri Lanka has officially confirmed a severe data loss incident affecting all government offices using the “gov.lk” email domain, including the Cabinet Office, due to a large-scale ransomware attack between May 17 and August 26, 2023.

The Cabinet Office is one of the entities within the Lanka Government Network (LGN), utilizing the “[email protected]” email domain.

Crucial government information are exchanged via these email domains.

However, ICTA told News 1st that only some data under the purview of the of the President’s Office, Cabinet Office, Ministry of Education, and Ministry of Health were affected by the ransomware attack.

What is a ransomware attack?

Ransomware is a malware designed to deny a user or organization access to files on their computer.

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading.

Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.

What happened?

ICTA Communications disclosed that the ransomware could have impacted approximately 5,000 email addresses.

Director of Strategic Communications at ICTA Sampath de Silva told News 1st that there was no offline backup for a critical two-and-a-half-month data period.

The online backup system was also compromised, resulting in the loss of emails during this time frame.

How has the ICTA responded to the incident?

Director of Strategic Communications at ICTA Sampath de Silva that in response to this incident, ICTA is implementing the following measures:

Daily Offline Backup: ICTA is instituting daily offline backup processes to prevent future data losses.

Application Upgrade: The relevant application will upgrade to the latest version with enhanced defences against virus attacks.

Can the lost data be recovered?

In collaboration with ICTA, the Sri Lanka Computer Emergency Readiness Team (SLCERT) is actively engaged in efforts to recover the lost data.

Latest News

Source…

Domain Name System is once again front and center for exploits and security policy

June 26, 2023/in Internet Security

Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way.

The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND.

It calls attention to three exploits that were disclosed and requires updates to this open source software, which is used by thousands of companies and government websites to translate the alphabetic domain names, such as SiliconANGLE.com, and a set of numerical IP addresses, such as like 35.91.118.127, back and forth. The exploits would allow remote malware execution, although none has yet been observed in the wild.

DNS is an essential glue protocol that almost every internet-related service depends on, and BIND is the most popular way DNS entries are manipulated and managed. Exploits are common targets for hackers, who can redirect traffic to their own malicious destinations, useful for phishing and subsequent data stealing operations. The recent Microsoft Layer 7 attack, for example, leveraged a few DNS exploits.

This isn’t the first alert regarding BIND, and isn’t even the first alert seen in 2023: Back in January, there was another alert that could cause denial-of-service and other system failures. Both alerts urge users to update their versions to current patched levels.

The second news item relevant to DNS concerns an open letter issued Friday by Vint Cerf, Stephen Crocker, Carl Landwehr and several others, entitled “Concerns over DNS Blocking.” The authors of this Medium post have been involved in internet protocol development and overall internet governance for decades.

The letter was sent in response to a draft bill under consideration in the French parliament entitled draft Military Planning Law 2024-2030 that was issued in early May. The authors state that the proposals “pose grave risks for global Internet security and freedom of expression.”

The meat of the proposed laws would enable wholesale DNS blocking of any internet provider operating in France. The authors claim the proposals would do more harm than good, and they…

Source…

The most expensive domain name in history isn’t doing too well with site traffic

February 26, 2023/in Internet Security

Owning a domain name will typically cost between $10 and $20 per year, but this is just a drop in the ocean in terms of a possible price tag, new data has revealed.

Top web hosting (opens in new tab) company Hostinger (opens in new tab) released a study looking into the top seven most expensive domain names in history, with the most expensive domain costing $30 million in 2019.

Voice.com was bought by a team of technologists, artists and curators from enterprise analytics and software company MicroStrategy, with Hostinger’s data suggesting the transaction wasn’t great value for money based on the site’s monthly traffic figures (88.8k per month).

Top dollar domains

The top seven websites cost a combined amount of $109 million and include the domain names: 360.com, NFTs.com, Sex.com, Fund.com, Hotels.com and Tesla.com.

The domain name 360.com was owned by Chinese internet security company 360 Security Technology, but was bought by Vodafone for $17 million back in 2015.

SimilarWeb data shows its traffic does significantly better than the most expensive domain with 23.9 million monthly visitors, making it the 154th biggest website in China.

What’s more, the domain name Sex.com was sold in November 2010 from Escom to Clover Holdings after it won an auction.

Currently, the domain name receives more traffic than the rest of the top five sites combined, with 64 million visitors each month, and it’s currently on sale, with minimum bids of $20 million so far.

“It’s fascinating to see how much money has exchanged hands for specific domain names – the cost of the seven names in the list adds up to more than $100 million,” said a spokesperson from Hostinger.

“For multi-billion-dollar companies, the outlay is relatively small, especially if it secures your presence on the web, strengthens your brand and provides a good stream of traffic to your site. However as this study shows, spending millions of dollars on the domain name doesn’t guarantee millions of website visitors.”

As far as Tesla.com goes, CEO Elon Musk previously mentioned that it took him ten years to buy the domain from Silicon Valley engineer Stuart Grossman for around $11 million.

Source…

Internet’s most expensive domain gets just 88,800 monthly visitors

February 15, 2023/in Internet Security

Call it bizarre but the most expensive domain ever on Web, that was bought for $30 million, receives only 88,800 visitors per month while the third costliest Internet domain name has no registered monthly traffic, a report showed on Wednesday.

The voice.com website describes Voice as “a team of technologists, artists and curators using the transformative power of NFTs to make digital art collectable”.

The company bought the domain name in June 2019 from enterprise analytics and software company MicroStrategy but the $30 million investment doesn’t appear to have delivered much return so far.

Voice.com’s monthly traffic according to SimilarWeb currently stands at around 88,800, according to data by web-hosting provider Hostinger.

“It’s fascinating to see how much money has exchanged hands for specific domain names – the cost of the seven names in the list adds up to more than $100 million,” said a Hostinger spokesperson.

For multi-billion-dollar companies, the outlay is relatively small, especially if it secures your presence on the web, strengthens your brand and provides a good stream of traffic to your site.

“However as this study shows, spending millions of dollars on the domain name doesn’t guarantee millions of website visitors,” the spokesperson added.

360.com belongs to the Chinese internet security company 360 Security Technology Inc, and currently receives 23.9 million monthly visitors, which ranks it as the 154th biggest website in China.

The domain name was bought from Vodafone in February 2015 for $17 million.

At third place, NFTs.com is one of the most recent sales in the top 10, after it was purchased in August 2022 for $15 million.

The site currently contains very little information, but says it is “powered by DigitalArtists.com Marketplace”.

Despite the large price tag, there isn’t enough info for SimilarWeb to estimate its traffic, indicating that very few people are visiting the site.

Sex.com domain name was sold for $13 million in November 2010 from Escom to Clover Holdings after it won an auction.

“The provocative name…

Source…

Tag Archive for: domain

Latest News