Click For Photo: https://regmedia.co.uk/2017/02/01/securityguardbouncer.jpg
IT admins could go a long way towards protecting their users from malware and other dodgy stuff on the internet if they ban access to any web domain less than a month old.
This advice comes from Unit 42, the security branch of networking house Palo Alto Networks. To be exact, the recommendation is that any domain created in the past 32 days ought to be blocked. This comes after the gang studied newly-registered domains – NRDs for short – and found that more than 70 per cent fell under the classification of "suspicious," "not safe for work," or "malicious."
Bit - False-positives - Risk - Threats - NRDs
"While this may be deemed a bit aggressive by some due to potential false-positives, the risk from threats via NRDs is much greater," noted Unit 42's Zhanhao Chen, Jun Javier Wang, and Kelvin Kwan. "At the bare minimum, if access to NRDs are allowed, then alerts should be set up for additional visibility."
According to Unit 42's study of new domains created on 1,530 different top level domains (TLDs) from March to May of this year, just 8.4 per cent of NRDs could be confirmed as hosting only benign pages. 2.32 per cent were confirmed not safe for work, while 1.27 per cent of the domains were classified as malicious, meaning they were found to...
Wake Up To Breaking News!
It had only one fault, it was useless.