As we work towards understanding the preferences of cyberattackers, our analysis focuses on three categories of features: registration attributes (including domain pricing, payment methods, API access, and free services), proactive verification (such as registrant information validation and registration restrictions), and reactive security practices (malicious domain uptimes).
Read more about the feature selection in our blog.
Great to see our colleague, Youssef Abyaa, presenting at the Workshop on Traffic Measurements for Cybersecurity (WTMC) during IEEE Euro S&P earlier this week! In his talk, he showcased how to leverage BIMI to build a validated dataset of brands, domain names, and logos.We’re pleased to have supported this year’s workshop edition. Check out the full program here: https://wtmc.info/index.html
We are happy to share that our research paper got accepted to ACM Conference on Computer and Communications Security (CCS) 2025. This work builds on the INFERMAL report and investigates the preferences of malicious actors when registering domain names for phishing — an important step toward understanding and mitigating DNS abuse.We are looking forward to present our work in October in Taiwan. Read more about the conference and how to participate.
We’re pleased to share that our Cybersecurity Researcher Yevheniya Nosyk has been selected as a new co-chair of the RIPE DNS Working Group. The WG focuses on the operational aspects of DNS, including deployments, measurements, and security. We're pleased to take a more active role in supporting that work.Learn more about the RIPE DNS Working Group here.