John KristoffApr 29, 2023

You can glean a lot from #BGP route changes. #AS397222 recently began announcing 192.28.94.0/24 a #3M prefix which includes an address mapped to an authoritative name server for 3m.com.

The significance? 397222 is originated by #Neustar security group. The other auth name server is also being originated by another Neustar ASN. What we can't know definitely from routes alone is intent. Could be proactive, an active DDoS mitigation in progress, minor configuration change, a test, or something else.

For more:

* CIDR Report https://www.cidr-report.org/cgi-bin/as-report?as=AS397199&view=2.0
* RIPE routing-history https://stat.ripe.net/widget/routing-history#w.resource=192.28.94.0/24

AS Report

John KristoffApr 5, 2023
#Neustar Security Services is now known as #Vercara. https://vercara.com/news/neustar-security-services-is-now-vercara
uRiDec 16, 2022

Senate Finance Committee Chairman Ron Wyden asked the #FTC to look into whether #Neustar, violated #privacy rights when it sold sensitive information from consumers to a DoD funded research project.

https://thehill.com/policy/cybersecurity/3777068-wyden-urges-ftc-probe-into-sensitive-internet-metadata-sold-to-us-government/

Wyden urges FTC probe into ‘sensitive internet metadata’ sold to US government

Senate Finance Committee Chair Ron Wyden (D-Ore.) is calling on the Federal Trade Commission (FTC) to investigate whether a sale of Americans’ data by a tech company to taxpayer-funded entities violated privacy laws.  In his letter, Wyden asked the agency to look into whether Neustar, the tech firm, violated privacy rights when it sold sensitive…

The Hill
ITSEC NewsSep 16, 2020
DDoS Attacks Skyrocket as Pandemic Bites - More people being online during lockdowns and work-from-home shifts has proven to be lucrative for... https://threatpost.com/ddos-attacks-skyrocket-pandemic/159301/ #volumetricattacks #denialofservice #internetusage #cyberattacks #workfromhome #websecurity #coronavirus #trendreport #healthcare #covid-19 #pandemic #neustar #ddos
DDoS Attacks Skyrocket as Pandemic Bites

More people being online during lockdowns and work-from-home shifts has proven to be lucrative for DDoS-ers.

Threatpost - English - Global - threatpost.com
Gregori FabreMar 5, 2018
7 important lessons we learned from launching our branded Top Level Domain #tnw https://thenextweb.com/insights/2018/03/05/launching-branded-top-level-domain-taught-us-7-things/ #neustar
7 important lessons we learned from launching our branded Top Level Domain

We’re one of the first to fully transition to our branded Top Level Domain, and the lessons learned from our launch can be applied by any brand looking to roll out their own TLD.