search menu icon-carat-right cmu-wordmark

Posts by Chad Dougherty

Blog Reorganization

Blog Reorganization

• Blog
Chad Dougherty

Hi, folks. As you can see, we've changed the name of the Vulnerability Analysis Blog to the CERT/CC Blog. With this name change, we're expanding the focus of the blog to include content from other technical teams. The current RSS and Atom feeds will continue to work, but you may want to update to the corresponding new feed location now (RSS, Atom) in order to avoid any problems in the future. Past blog entries will...

Read More
Study of Malicious Domain Names: TLD Distribution

Study of Malicious Domain Names: TLD Distribution

• Blog
Chad Dougherty

Hello, folks. This post comes to you courtesy of Aaron Shelmire from the Network Situational Awareness team. Aaron writes: Recently the Network Situational Awareness team at CERT has been researching the characteristics of malicious network touchpoints. The findings of this initial research are very telling as to the true state of security on the internet....

Read More
Top-10 Top Level and Second Level Domains Found in Malicious Software

Top-10 Top Level and Second Level Domains Found in Malicious Software

• Blog
Chad Dougherty

Hello folks. This post comes to you courtesy of Ed Stoner and Aaron Shelmire from the Network Situational Awareness group at CERT. They write: Recently there have been some statistics published on botnet Command & Control (C2) channels. These statistics claim that 94.58% of botnet C2 channels are under the .com top level domain (TLD). While it's impossible to accurately comment on those statistics without knowing the methodology used to arrive at them, we at...

Read More
Recommendations to Vendors for Communicating Product Security Information

Recommendations to Vendors for Communicating Product Security Information

• Blog
Chad Dougherty

Hi, this is Chad Dougherty of the Vulnerability Analysis team. One of the important roles that our team plays is coordinating vulnerability information among a broad range of vendors. Over the years, we have gained a considerable amount of experience communicating with vendors of all shapes and sizes. Based on this experience, we can offer some guidance to vendors about communicating product security issues....

Read More

Contact the Author

Chad Dougherty

SEI Digital Library

SEI Publications

Visit the SEI Digital Library to see other publications by Chad Dougherty

View publications