Security Threat Monitoring Beta

Posted on 2 November 2020

In this article/faq, I will explain the security threat dashboarding/monitoring. 

What is it?

In the first beta phase, we will make the threat intelligence we download from Pulsedive available to our customers in the domain manager. 

If you are a customer of Realtime Register you can join the beta program. 

Please contact our support team for information.

As a customer, you will be able to see the active security threats. 

Security threats could be phishing domain names or malware domain names. 

The Abuse Dashboarding provides you with information that usually does not get reported to Registrars. 

As a result, you …

Putting DNS Abuse into context.

Posted on 19 September 2020

We are currently working on a project to provide abuse monitoring information to our customers.
Giving our customers just the raw data is not helpful, so our goal is to contextualize the data.
We still have long ways to go, but the basics are there.

So what do I see right now on our platform?

 

  • Malware (67%)
  • Phishing (23%)
  • The rest falls into somewhat general buckets like BEC fraud, DGA, botnets, dark lists, crypto mining, etc. Very low incidental percentages.

The above-mentioned data is from two years of monitoring.

On the left is displayed the overall abuse percentage since …

RiskReact on Domain Name Security & Domain Locks

Posted on 26 May 2020

RiskReact is a service of Realtime Register B.V. with a focus on security threats, cyber intelligence & OSINT.

Last year a registrar employee was the victim of social engineering resulting in an unauthorized transfer of a domain name. 

A few months ago, a registrar employee was the victim of a spear-phishing attack, resulting in a DNS hijack. 

A possible solution to counter such issues and other risks is a Domain Name Registry Lock. 

Domain name registry locks are available for many TLDs. They all cover the same basic level of protection. 

  • Domain name update lock, preventing unauthorized or accidental updates …

Additional MFA support at Realtime Register

Posted on 25 May 2020

In addition to the recent introduction of adding API keys, now we are adding Multi-Factor Authentication support. Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.

Multifactor authentication combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification).

We will support the following methods for MFA:

  • Webauthn (FIDO2) supporting Touch or Pin and Touch sensor like Yubikey with secure elements, Software authenticators and also …

.SE & .NU removing forms requirement on transfers and registrant changes.

Posted on 31 January 2020

Last year in the new Registry-Registrar agreement the Swedish registry has made “everyday life easier” by lifting the required transfer form that needed to be filled in when transferring a domain / changing a registrant.

Due to this from February 3rd onward no more manual work is needed with a .SE/NU transfer and every change will have a digital timestamp. The implications and changes in behavior compared to the current situation that you may be used to are:

  •  Domain update with registrant change is not charged anymore.
  • No more registrant change form/mail.
  • External & internal transfers will no longer keep …

Streamlining domain name abuse reports and disclosure requests

Posted on 24 October 2019

We released a few new features, one of them, RDAP reseller Vcard. 

To further streamline abuse reports & disclosure requests, Realtime Register introduces the Abuse Vcard. This Vcard will display your (reseller role) abuse contact details through RDAP. 

Showing your (external) abuse contact information will increase the speed of abuse reporting. 

Internal abuse email address/information. 

Resellers can also enter abuse contact information for our abuse & support staff. 

We are not setting requirements here for our resellers, but it would be good if this email address is monitored 24/7. We intend to use this info for emergency communications when dealing …

Using Spiderfoot to combat domain name abuse/security threats

Posted on 21 October 2019

“Behavior reflects personality. The best indicator of future violence is past violence. To understand the “artist,” you must study his “art.” The crime must be evaluated in its totality. There is no substitute for experience, and if you want to understand the criminal mind, you must go directly to the source and learn to decipher what he tells you. And, above all: Why + How = Who.”
― John E. Douglas, Mindhunter: Inside the FBI’s Elite Serial Crime Unit

The above quote is also applicable when you deal with cybercrime investigations. Though registrars usually do not deal with serial killers, …

Nic IT and consent for publishing data?

Posted on 2 May 2019

The Italian registry has made some changes to their production system and in my opinion, it is not an improvement.

Till today you could opt out for publishing data in the WHOIS for the following entities:

  • Natural persons Italian and EU based
  • Freelance workers/professionals (Italian based)
  • Italian Companies/one-man companies (Italian based)
  •  Public organizations (Italian based)
  •  Non-profit organizations(Italian based)
  •  Foreign companies/organizations matching 2-6 (EU based)
  •  Other subjects (Italian based)

Since today the opt-out is available for natural persons only.
All other entities must agree to the fact that its data will be published in the WHOIS. If the registrant is …

Brexit & Domain Names, recipe for Chaos?

Posted on 21 January 2019

The short answer is no, depending on the scenario.

While there are many Brexit experts, their views and opinions are not helping when it comes to making business decisions. When it comes to predictions, it might be even better to check the British bookmakers and get a sense of the betting odds if there will be a Brexit or not.

 

However, we can make a few assumptions when it comes to domain names and the Brexit, let us assume the worst scenario; hard Brexit, as in no deal.

The issue
In case of a, no deal Brexit currently slated …

Brexit, and the impact on .EU domain names, sound the alarm?

Posted on 8 August 2018

Update 04-01-2019

The British government issued further guidance regarding the Brexit and Eurid.

Click here to view the guidance and scenarios.

Update 05-11-2018

It seems very likely the two scenarios posted below are the most likely outcome as we quickly move towards the deadline of 29th of March 2019.

(1) If the UK exits the EU and becomes a temporary member of the European Economic Area (EEA) there will be no issue until the duration of such membership.

(2) If however, it turns out to be a “hard Brexit” or “no deal Brexit” than registrars are no longer in a …

Realtimeregister.com tracks users anonymously using Google Analytics cookies. Please view our Privacy Statement for more information.