search menu icon-carat-right cmu-wordmark

Archive: 2010

Study of Malicious Domain Names: TLD Distribution

Study of Malicious Domain Names: TLD Distribution

• CERT/CC Blog
Chad Dougherty

Hello, folks. This post comes to you courtesy of Aaron Shelmire from the Network Situational Awareness team. Aaron writes: Recently the Network Situational Awareness team at CERT has been researching the characteristics of malicious network touchpoints. The findings of this initial research are very telling as to the true state of security on the internet....

Read More
CERT Basic Fuzzing Framework

CERT Basic Fuzzing Framework

• CERT/CC Blog
Will Dormann

Hi folks. I've been involved in a fuzzing effort at CERT. One of the ways that I've been able to discover vulnerabilities is through "dumb" or mutational fuzzing. We have developed a framework for performing automated dumb fuzzing. Today we are releasing a simplified version of automated dumb fuzzing, called the Basic Fuzzing Framework (BFF)....

Read More
Top-10 Top Level and Second Level Domains Found in Malicious Software

Top-10 Top Level and Second Level Domains Found in Malicious Software

• CERT/CC Blog
Chad Dougherty

Hello folks. This post comes to you courtesy of Ed Stoner and Aaron Shelmire from the Network Situational Awareness group at CERT. They write: Recently there have been some statistics published on botnet Command & Control (C2) channels. These statistics claim that 94.58% of botnet C2 channels are under the .com top level domain (TLD). While it's impossible to accurately comment on those statistics without knowing the methodology used to arrive at them, we at...

Read More