Whois Hijacking

Have you ever researched an Internet domain, waited a bit and then, when you go to buy it, it's gone? You may have been a victim of whois hijacking.

Several security researchers have been focusing in the last few weeks on "Cross-Site Scripting" vulnerabilities in various Web sites. A Russian research site has just revealed one of many in the PayPal site.

As the Internet Storm Center is reporting, an exploit is publicly available for the recently-revealed vulnerability in Microsoft Windows' DHCP client. We have seen the exploit as well.

It is important for all users to apply this update as soon as possible.

In early July 2006, as hostilities flared up between Israel and Palestinians in the Gaza strip, an attack was initiated on servers belonging to Israeli and pro-Israeli organizations by a Moroccan hacking group named "Team Evil."

The major opening for Team Evil was the fact that Internet-facing applications on the servers were not kept up to date with the most recent security patches. This gave the attackers publicly-known avenues for attack.

Security Tip: 4 Reasons Why You Should ALWAYS Update Your Domain Name's Contact Details

Too many people don't keep their domain contact information up to date. Whatever one's problems with the contact information rules—and there are major downsides to having to have contact information public, as ICANN mandates—the information serves an important purpose in keeping you in touch for important communications.