Tell #Congress : No to Internet #Blacklists

#FADPA , and other proposals in the works, would force internet service providers (ISPs) and domain name system ( #DNS ) providers to block sites, including U.S. sites, based on one-sided #copyright accusations, even when those sites also host lawful content.
#isp #privacy

https://act.eff.org/action/tell-congress-no-to-internet-blacklists

people in the #IT field should start referring to ICANN as "mother" same way people back in the day refereed to the Bell Telephone Company as "Ma Bell" back when they had a monopoly. ICANN is the modern equivalent as they hold a monopoly on the Internet's naming system.

Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit

Teilen er­be­ten

als PDF:

https://cryptpad.digitalcourage.de/file/#/2/file/NdmBgSYkRCto8B+JmJkE9mQ4/

 #DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone  #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena  #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz

One of our researchers recently received a text from an unknown number saying they were eligible to receive a full refund for an Amazon order. The message contained a link to a URL on t[.]co, Twitter/X's link shortener. Clicking the link led to the domain 267536[.]cc, which hosted an Amazon phishing page.

From this lead, we were able to find many more domains hosting the same content. The actor registering the domains seems to like .cc, the country code TLD for the Cocos Islands.

Sample of the domains:
236564[.]cc
267536[.]cc
671624[.]cc
687127[.]cc
319632[.]cc

Any #DNS folks know if Authenticated DNS over TLS to Authoritative Servers (ADoT) is going anywhere? Doesn’t look like recent activity on the drafts since 2022

https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.html

https://datatracker.ietf.org/doc/html/draft-hal-adot-operational-considerations-00.html

And, finally, an application for AI in the DNS.... https://easydns.com/blog/2025/04/01/easydns-first-to-use-ai-to-answer-all-dns-queries/

this one will help sell printer cartridges!
#dns

This is adorable!

From our friends at #NLnetLabs ... get a bound version of the phone book of the Internet.

https://nlnetlabs.nl/news/2025/Apr/01/phonebook-of-the-internet/ #dns

In a world where things can feel topsy-turvy...we've decided to turn everything on its head today. Join the movement!

𝐋𝐚𝐚𝐭𝐬𝐭𝐞 𝐩𝐥𝐚𝐚𝐭𝐬𝐞𝐧 𝐒𝐈𝐃𝐍 𝐓𝐞𝐜𝐡𝐓𝐚𝐥𝐤! Wees er snel bij voor een avond met 2 interessante sprekers: Rejo Zengers (Bits of Freedom) over de controversiële Europese verordening Chat Control en Willem Toorop (NLnet Labs) over het DNS-recordtype DELEG. Uiteraard is er ook ruimte voor vragen en discussie.

Meld je gratis aan en geniet van een gratis maaltijd vooraf en een borrel na afloop. https://www.meetup.com/sidn-techtalk/events/306568645/?utm_medium=referral&utm_campaign=share-btn_savedevents_share_modal&utm_source=link

#adminForge #Spenden Update März 2025

2.588,42 € erreicht!

Es sind 888,22 € in 82 Transaktionen hinzugekommen!!!
Vielen Dank an alle Unterstützer, macht weiter so

https://adminforge.de/unterstuetzen

#Ente https://erpel.cloud
#Pixelfed https://pixelshot.it
#PeerTube https://clip.place
#LinkStack https://linklist.me
#OpenTalk https://teamjoin.de
#DNS https://dnsforge.de
#Nextcloud https://my.adminforge.de
#Mastodon https://kanoa.de
#Matrix https://nope.chat

Exploring Domain Generation Algorithms (DGAs) in Malware

Domain Generation Algorithms (DGAs) enable malware to change its domain dynamically. Below is an article I wrote years ago, which explains the difference between seed based and dictionary based algorithms.

https://malwareandstuff.com/dgas-generating-domains-dynamically/

Upgraded all four of my pihole instances to v6. They’re working perfectly!

I love how a bunch of the “advanced” settings are now available from the UI. It makes initial set up so much easier.

Our Quad9 documentation is now also available in #Romanian (https://docs.quad9.net/ro/) thanks to the help of our friend, Toma Minea (https://www.linkedin.com/in/toma-minea-86900582/).

Access to domain registration data is neither timely nor uniform. In today's Interisle Insights post, Colin Strutt shares the challenges that law enforcement, first responders, and researchers face in collecting even the “non contact registration data” elements to identify where cybercriminals acquire resources for their attacks.

https://interisle.substack.com/p/limiting-access-to-domain-registration

Un mouvement facho essaye de prendre le contrôle de l'équivalent de l'#AFNIC en Nouvelle-Zélande : https://www.feijoadispatch.nz/p/free-speech-union-plans-hostile-takeover

2600 personnes ont pris une adhésion récemment (alors qu'il n'y avait que 400 adhérents récemment), dans l'idée de prendre le contrôle de l'organisation, pour lutter contre un changement de statuts qui indiquerait une volonté de combattre le racisme entre autres…

#Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

https://www.bleepingcomputer.com/news/security/phishing-as-a-service-operation-uses-dns-over-https-for-evasion/

Malicious actors have taken notice of news about the US Social Security System. We've seen multiple spam campaigns that attempt to phish users or lure them to download malware.

Emails with subjects like "Social Security Administrator.", "Social Security Statement", and "ensure the accuracy of your earnings record" contain malicious links and attachments.

One example contained a disguised URL that redirected to user2ilogon[.]es in order to download the trojan file named SsaViewer1.7.exe.

Actors using social security lures are connected to malicious campaigns targeting major brands through their DNS records.

Block these:

user2ilogon[.]es
viewer-ssa-gov[.]es
wellsffrago[.]com
nf-prime[.]com
deilvery-us[.]com
wllesfrarqo-home[.]com
nahud[.]com.

#dns #lookalikes #lookalikeDomain #threatintel #cybercrime #threatintelligence #cybersecurity #infoblox #infobloxthreatintel #infosec #pdns #malware #scam #ssa

blog! “How to prevent Payment Pointer fraud”

There's a new Web Standard in town! Meet WebMonetization - it aims to be a low effort way to help users passively pay website owners.

The pitch is simple. A website owner places a single new line in their HTML's <head> - something like this:

<link rel="monetization"…

Read more: https://shkspr.mobi/blog/2025/03/how-to-prevent-payment-pointer-fraud/
⸻
#CyberSecurity #dns #HTML #standards #WebMonitization

I just glanced at something called a "Nintendo DS emulator", and I've understood it.

They have no DNSKEY, you see, so they have to emulate the DS.