KOR LabsWe're attending the #ICANN86 Policy Forum in Seville.
Interested in discussing DNS abuse, abuse mitigation, or broader DNS security topics? Come find us. And if you're there and just want to catch up, feel free to reach out.
securityskeptic 
Malicious Actors Accounted for as much as 20% of New Domain Name Registrations in 2025
A new analysis by Interisle Consulting Group finds that cybercriminals registered a significant share of new domain name registrations in 2025, representing a substantial percentage of the generic Top-Level Domain (gTLD) market.
The study establishes that malicious actors purchased at least 10 percent of all newly registered gTLD domains in 2025, with projections indicating that the actual share may be closer to 20 percent.
#domainname #domainabuse #cybercrime #maliciousdomains #dnsabuse
https://interisle.substack.com/p/malicious-actors-accounted-for-as
Allowlisting: Exception Handling for Blocked TLDs
In this article, we discuss how to deal with blocklisting exception cases by using selective allowlisting to complement generalized blocklisting as part of an incident response.
https://interisle.substack.com/p/allowlisting-exception-handling-for
Cybercrime Reported in April 2026
Interisle publishes quarterly data about cybercrime activity (for phishing, malware, and spam) at the Cybercrime Information Center.
Today, we look at cybercrime activity for the month of April 2026. We point out anything that strikes us as particularly interesting in overall numbers as well as significant changes in ranking for Top Level Domains (TLDs), Registrars, and Hosting Networks.
https://interisle.substack.com/p/cybercrime-reported-in-april-2026
Andreas TaudteOrganizations still treat #DNS abuse as either a legal or a technical problem. That split creates a blind spot, especially around malicious subdomains, where sophisticated #phishing campaigns hide.
@icann shared the recent webinar by Alex Urbelis on #DNSAbuse: https://www.icann.org/en/engagement-calendar/details/icann-technical-webinar-emea-phishing-and-dns-abuse-operational-blindspots-2026-04-29
#DNSmodernization is not only about infrastructure, but also about security operations, abuse response and risk management.
Joly MacFieWEBINAR 7 MAY 07:00 UTC – APRALO Policy Forum + EURALO – Understanding the Role of Trusted Notifiers in DNS Abuse Mitigation
REGISTER | ADD TO CALENDAR | PERMALINK
On 7 May 2026, at 07:00 UTC, the APRALO Policy Forum and EURALO will host a joint webinar 'Understanding the Role of Trusted Notifiers in DNS Abuse Mitigation'. The selection of this topic was motivated by the recent At-Large Webinar: Overview on DNS A
WEBINAR 29 APR 12:00 UTC – ICANN EMEA: Phishing and DNS Abuse – Operational Blindspots
REGISTER | ADD TO CALENDAR | PERMALINK
On Wednesday 29 April 2026 at 12:00-13:00 UTC the Internet Corporation for Assigned Names and Numbers (ICANN) will host a technical webinar 'EMEA: Phishing and DNS Abuse - Operational Blindspots'.
This presentation examines phishing and DNS abuse through real-world attack cases — traci
How to Protect Against Phishy Top-level Domains, Part 2
In a previous article, we explained that risk-averse organizations routinely adopt TLD blocking as a defense against cyber-attacks.
We EMPHASIZED why this is a last resort measure and offered examples of TLDs that were persistently associated with major phishing and scam attacks in CY2025. We also describe how to make an informed TLD blocking decision.
In our earlier post, we explained how organizations or individuals could use Cisco’s OpenDNS service to adopt TLD blocking. Today, we’ll be taking a look at how NextDNS could be used to block TLDs.
https://interisle.substack.com/p/how-to-protect-against-phishy-top-b41
#phishing #cybercrime #blocklisting #tld #domainnames #dnsabuse
Feb 26 2026 – At-Large Meets OCTO-SSR
VIDEO | AUDIO | RECAP | SLIDES | ARCHIVE | PERMALINK
On February 26, 2026, ICANN At-Large hosted a webinar 'At-Large Meets OCTO-SSR'. Siôn Lloyd of Office of the Chief Technology Officer (OCTO) Internet Identifier System Security, Stability, and Resiliency Research (SSR) team recapped an ICANN 83 session introducing OCTO-SSR's work. Topics include tools such as ICANN Domain Me
WEBINAR 27 MAY 12:00 UTC – What Makes a DNS Abuse Complaint to ICANN Actionable: Insights and Common Challenges
REGISTER | ADD TO CALENDAR | PERMALINK
On 27 May 2026, at 12:00-13:00 UTC, ICANN Contractual Compliance will host a webinar 'What Makes a DNS Abuse Complaint to ICANN Actionable: Insights and Common Challenges'. Case studies will be explored, plus there will be a walkthrough of ICANN's Step-by-Step Guid
