Cisco Blogs


Cisco Blog > Threat Research

Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed

This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post.

Table of Contents

Overview
WHOIS Privacy Protection
Why Does This Exist
The Issue
Implications for the Good/Bad Guys
Current State and Mitigations
Disclosure Timeline
Conclusion
Footnotes

Overview

In mid-2013, a problem occurred that slowly began unmasking the hidden registration information for owners’ domains that had opted into WHOIS privacy protection. These domains all appear to be registered via Google App [1], using eNom as a registrar. At the time of writing this blog, there are 305,925 domains registered via Google’s partnership with eNom. 282,867 domains, or roughly 94% appear have been affected [2]. (Google reports that new domains which have not faced a renewal period are not affected and many businesses do not opt into their privacy service.) The information disclosed included full names, addresses, phone numbers, and email addresses for each domain. The information was leaked in the form of WHOIS records.

The graphic above illustrates the drastic shift in domains utilizing privacy protection (dark green) to those with WHOIS information exposed (light green). At its peak at least 90% of the domains registered were utilizing privacy protection which plummeted to less than 1%. The grey circle indicates the initial shift occurring. The arrow notes when resolution had occurred.

The graphic above illustrates the drastic shift in domains utilizing privacy protection (dark green) to those with WHOIS information exposed (light green). At its peak at least 90% of the domains registered were utilizing privacy protection which plummeted to less than 1%. The grey circle indicates the initial shift occurring. The arrow notes when resolution had occurred.

Read More »

Tags: , , , ,

We’re More Powerful Together, Than Apart

We launched our Connected Life Exchange blog yesterday that’s focused on sharing interesting stories. I’ve anticipated this day for three years. I’m eager to work on this project, along with a talented group of creative people.

I remember the very first time that I saw the original Cisco “Human Network” television commercial. Why? It marked the beginning of a journey that ultimately brought me here — as a member of the Cisco family.

On Monday, April 30, 2007. I was a self-employed, independent industry analyst and marketing consultant. I needed a topic to write about that day, for my own blog.

Read More »

Tags: , , , , ,

Just how does ‘Content Find You’?

How do you find out about new TV shows,  movies, and bands and artists?

At the Bandwidth Conference (a digital music trade show), a few months back, we captured some conversations about ‘how content finds you’,  in this case, how you find new music.  Jac Holzman, the visionary founder of Elektra Records (read a Cisco blog post about Holzman and the 60th anniversary of the label here), was asked if it’s a bad thing that technology has lowered the cost of recording, thereby allowing hundreds of thousand more musically inclined people to make records. With so much new music being released, isn’t so much of it just mediocre music? For instance, going online to sift through hundreds of blogs, unknown artist sites, music discovery sites like the Hype Machine and recommendation services like Pandora – is it worth all that time to find good new music? Holzman offers that record labels themselves, like Elektra (see the Cisco Eos powered site for the label here), are one of the best platforms to discover new quality music – he explains ..

When it comes to discovering new music, what if you don’t have a favorite record label or radio station, to be your ‘first filter’ as Jac Holzman calls it?

Read More »

Tags: , , , , , , , , ,