Category: Uncategorized

Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly expired or dormant domain names, or common misspellings of popular websites — are now configured to redirect visitors to sites that foist scams and malware.

When Internet users try to visit expired domain names or accidentally navigate to a lookalike “typosquatting” domain, they are typically brought to a placeholder page at a domain parking company that tries to monetize the wayward traffic by displaying links to a number of third-party websites that have paid to have their links shown.

A decade ago, ending up at one of these parked domains came with a relatively small chance of being redirected to a malicious destination: In 2014, researchers found (PDF) that parked domains redirected users to malicious sites less than five percent of the time — regardless of whether the visitor clicked on any links at the parked page.

But in a series of experiments over the past few months, researchers at the security firm Infoblox say they discovered the situation is now reversed, and that malicious content is by far the norm now for parked websites.

“In large scale experiments, we found that over 90% of the time, visitors to a parked domain would be directed to illegal content, scams, scareware and anti-virus software subscriptions, or malware, as the ‘click’ was sold from the parking company to advertisers, who often resold that traffic to yet another party,” Infoblox researchers wrote in a paper published today.

Infoblox found parked websites are benign if the visitor arrives at the site using a virtual private network (VPN), or else via a non-residential Internet address. For example, Scotiabank.com customers who accidentally mistype the domain as scotaibank[.]com will see a normal parking page if they’re using a VPN, but will be redirected to a site that tries to foist scams, malware or other unwanted content if coming from a residential IP address. Again, this redirect happens just by visiting the misspelled domain with a mobile device or desktop computer that is using a residential IP address.

According to Infoblox, the person or entity that owns scotaibank[.]com has a portfolio of nearly 3,000 lookalike domains, including gmai[.]com, which demonstrably has been configured with its own mail server for accepting incoming email messages. Meaning, if you send an email to a Gmail user and accidentally omit the “l” from “gmail.com,” that missive doesn’t just disappear into the ether or produce a bounce reply: It goes straight to these scammers. The report notices this domain also has been leveraged in multiple recent business email compromise campaigns, using a lure indicating a failed payment with trojan malware attached.

Infoblox found this particular domain holder (betrayed by a common DNS server — torresdns[.]com) has set up typosquatting domains targeting dozens of top Internet destinations, including Craigslist, YouTube, Google, Wikipedia, Netflix, TripAdvisor, Yahoo, eBay, and Microsoft. A defanged list of these typosquatting domains is available here (the dots in the listed domains have been replaced with commas).

David Brunsdon, a threat researcher at Infoblox, said the parked pages send visitors through a chain of redirects, all while profiling the visitor’s system using IP geolocation, device fingerprinting, and cookies to determine where to redirect domain visitors.

“It was often a chain of redirects — one or two domains outside the parking company — before threat arrives,” Brunsdon said. “Each time in the handoff the device is profiled again and again, before being passed off to a malicious domain or else a decoy page like Amazon.com or Alibaba.com if they decide it’s not worth targeting.”

Brunsdon said domain parking services claim the search results they return on parked pages are designed to be relevant to their parked domains, but that almost none of this displayed content was related to the lookalike domain names they tested.

Infoblox said a different threat actor who owns domaincntrol[.]com — a domain that differs from GoDaddy’s name servers by a single character — has long taken advantage of typos in DNS configurations to drive users to malicious websites. In recent months, however, Infoblox discovered the malicious redirect only happens when the query for the misconfigured domain comes from a visitor who is using Cloudflare’s DNS resolvers (1.1.1.1), and that all other visitors will get a page that refuses to load.

The researchers found that even variations on well-known government domains are being targeted by malicious ad networks.

“When one of our researchers tried to report a crime to the FBI’s Internet Crime Complaint Center (IC3), they accidentally visited ic3[.]org instead of ic3[.]gov,” the report notes. “Their phone was quickly redirected to a false ‘Drive Subscription Expired’ page. They were lucky to receive a scam; based on what we’ve learnt, they could just as easily receive an information stealer or trojan malware.”

The Infoblox report emphasizes that the malicious activity they tracked is not attributed to any known party, noting that the domain parking or advertising platforms named in the study were not implicated in the malvertising they documented.

However, the report concludes that while the parking companies claim to only work with top advertisers, the traffic to these domains was frequently sold to affiliate networks, who often resold the traffic to the point where the final advertiser had no business relationship with the parking companies.

Infoblox also pointed out that recent policy changes by Google may have inadvertently increased the risk to users from direct search abuse. Brunsdon said Google Adsense previously defaulted to allowing their ads to be placed on parked pages, but that in early 2025 Google implemented a default setting that had their customers opt-out by default on presenting ads on parked domains — requiring the person running the ad to voluntarily go into their settings and turn on parking as a location.

CNN
 — 

A 34-year-old man was arrested Tuesday evening in connection with the killings of four people who were found dead earlier in the day at a Bowdoin, Maine, home, authorities said.

The killings appeared to be connected to a series of nearby highway shootings that left three drivers injured – including one critically – shortly after the four bodies were discovered, state police have said.

The man arrested was identified by Maine State Police as Joseph Eaton.

Eaton was taken to Two Bridges Regional Jail and will make an initial court appearance later in the week, state police said in a Tuesday evening news release. State police did not say as of late Tuesday night that he was being held in connection with the highway shootings.

CNN has not yet been able to identify an attorney for Eaton.

“Investigators will be working throughout the night processing multiple scenes and continuing to interview people involved with this incident,” state police said in the news release.

Police have not shared details about a possible motive in the two incidents and did not share details about the four people found dead in the home.

In a statement on Twitter, Maine Gov. Janet Mills said, “Like people across Maine, I am shocked and deeply saddened – acts of violence like we experienced today shake our state and our communities to the core.”

Maine State Police responded Tuesday morning to the Bowdoin home, where they found the four deceased victims inside, state police Lt. Randall Keaten said in a news conference earlier Tuesday.

Shortly after, authorities received reports of several vehicles getting hit by gunfire on I-295 in the area of Yarmouth, which is about 40 minutes from Bowdoin.

Three people were shot while driving and were taken to the hospital, state police said. At least one of those three was in critical condition Tuesday, authorities added.

“We’ve got vehicles that have been hit by straight gunfire all across that we’re getting reports on, so if anybody has holes in their vehicles, please contact us so that we can follow up with that,” Keaten said.

The victims found in the Bowdoin home and the highway shootings are connected, Keaten said, adding there is no threat to the public.

The four bodies were taken to the Office of the Chief Medical Examiner in Augusta where autopsies will determine the manner and cause of death state police said.

Authorities have asked anyone who may have witnessed something or has any information about the Tuesday morning incidents to reach out.

“A lot happened this morning between those two scenes and those are the people that we want to talk to, those people that were impacted by this,” Keaten said, adding authorities were continuing to work on several impacted scenes and gather more information.

CNN
 — 

High speed trains have proved their worth across the world over the past 50 years.

It’s not just in reducing journey times, but more importantly, it’s in driving economic growth, creating jobs and bringing communities closer together. China, Japan and Europe lead the way.

So why doesn’t the United States have a high-speed rail network like those?

For the richest and most economically successful nation on the planet, with an increasingly urbanized population of more than 300 million, it’s a position that is becoming more difficult to justify.

Although Japan started the trend with its Shinkansen “Bullet Trains” in 1964, it was the advent of France’s TGV in the early 1980s that really kick-started a global high-speed train revolution that continues to gather pace.

But it’s a revolution that has so far bypassed the United States. Americans are still almost entirely reliant on congested highways or the headache-inducing stress of an airport and airline network prone to meltdowns.

China has built around 26,000 miles (42,000 kilometers) of dedicated high-speed railways since 2008 and plans to top 43,000 miles (70,000 kilometers) by 2035.

Meanwhile, the United States has just 375 route-miles of track cleared for operation at more than 100 mph.

“Many Americans have no concept of high-speed rail and fail to see its value. They are hopelessly stuck with a highway and airline mindset,” says William C. Vantuono, editor-in-chief of Railway Age, North America’s oldest railroad industry publication.

Cars and airliners have dominated long-distance travel in the United States since the 1950s, rapidly usurping a network of luxurious passenger trains with evocative names such as “The Empire Builder,” “Super Chief” and “Silver Comet.”

Deserted by Hollywood movie stars and business travelers, famous railroads such as the New York Central were largely bankrupt by the early 1970s, handing over their loss-making trains to Amtrak, the national passenger train operator founded in 1971.

In the decades since that traumatic retrenchment, US freight railroads have largely flourished. Passenger rail seems to have been a very low priority for US lawmakers.

Powerful airline, oil and auto industry lobbies in Washington have spent millions maintaining that superiority, but their position is weakening in the face of environmental concerns and worsening congestion.

US President Joe Biden’s $1.2 trillion infrastructure bill includes an unprecedented $170 billion for improving railroads.

Some of this will be invested in repairing Amtrak’s crumbling Northeast Corridor (NEC) linking Boston, New York and Washington.

There are also big plans to bring passenger trains back to many more cities across the nation – providing fast, sustainable travel to cities and regions that have not seen a passenger train for decades.

Add to this the success of the privately funded Brightline operation in Florida, which has been given the green light to build a $10 billion high-speed rail link between Los Angeles and Las Vegas by 2027, plus schemes in California, Texas and the proposed Cascadia route linking Portland, Oregon, with Seattle and Vancouver, and the United States at last appears to be on the cusp of a passenger rail revolution.

“Every president since Ronald Reagan has talked about the pressing need to improve infrastructure across the USA, but they’ve always had other, bigger priorities to deal with,” says Scott Sherin, chief commercial officer of train builder Alstom’s US division.

“But now there’s a huge impetus to get things moving – it’s a time of optimism. If we build it, they will come. As an industry, we’re maturing, and we’re ready to take the next step. It’s time to focus on passenger rail.”

Sherin points out that other public services such as highways and airports are “massively subsidized,” so there shouldn’t be an issue with doing the same for rail.

“We need to do a better job of articulating the benefits of high-speed rail – high-quality jobs, economic stimulus, better connectivity than airlines – and that will help us to build bipartisan support,” he adds. “High-speed rail is not the solution for everything, but it has its place.”

Only Amtrak’s Northeast Corridor has trains that can travel at speeds approaching those of the 300 kilometers per hour (186 mph) TGV and Shinkansen.

Even here, Amtrak Acela trains currently max out at 150 mph – and only in short bursts. Maximum speeds elsewhere are closer to 100 mph on congested tracks shared with commuter and freight trains.

This year, Amtrak plans to introduce its new generation Avelia Liberty trains to replace the life-expired Acelas on the NEC.

Capable of reaching 220 mph (although they’ll be limited to 160 mph on the NEC), the trains will bring Alstom’s latest high-speed rail technology to North America.

The locomotives at each end – known as power cars – are close relatives of the next generation TGV-M trains, scheduled to debut in France in 2024.

Sitting between the power cars are the passenger vehicles, which use Alstom’s Tiltronix technology to run faster through curves by tilting their bodies, much like a MotoGP rider does. And it’s not just travelers who will benefit.

“When Amtrak awarded the contract to Alstom in 2015 to 2016, the company had around 200 employees in Hornell,” says Shawn D. Hogan, former mayor of the city of Hornell in New York state.

“That figure is now nearer 900, with hiring continuing at a fast pace. I calculate that there has been a total public/private investment of more than $269 million in our city since 2016, including a new hotel, a state-of-the-art hospital and housing developments.

“It is a transformative economic development project that is basically unheard of in rural America and if it can happen here, it can happen throughout the United States.”

Alstom has spent almost $600 million on building a US supply chain for its high-speed trains – more than 80% of the train is made in the United States, with 170 suppliers across 27 states.

“High-speed rail is already here. Avelia Liberty was designed jointly with our European colleagues, so we have what we need for ‘TGV-USA’,” adds Sherin.

“It’s all proven tech from existing trains. We’re ready to go when the infrastructure arrives.”

And those new lines could arrive sooner than you might think.

In March, Brightline confirmed plans to begin construction on a 218-mile (351-kilometer) high-speed line between Rancho Cucamonga, near Los Angeles, and Las Vegas, carving a path through the San Bernardino Mountains and across the desert, following the Interstate 15 corridor.

The 200 mph line will slash times to little more than one hour – a massive advantage over the four-hour average by car or five to seven hours by bus – when it opens in 2027.

Mike Reininger, CEO of Brightline Holdings, says: “As the most shovel-ready high-speed rail project in the United States, we are one step closer to leveling the playing field against transit and infrastructure projects around the world, and we are proud to be using America’s most skilled workers to get there.”

Brightline West expects to inject around $10 billion worth of benefits into the region’s economy, creating about 35,000 construction jobs, as well as 1,000 permanent jobs in maintenance, operations and customer service in Southern California and Nevada.

It will also mark the return of passenger trains to Las Vegas after a 30-year hiatus – Amtrak canceled its “Desert Wind” route in 1997.

Brightline hopes to attract around 12 million of the 50 million one-way trips taken annually between Las Vegas and LA, 85% of which are taken by bus or car.

Meanwhile, construction is progressing on another high-speed line through the San Joaquin Valley.

Set to open around 2030, California High Speed Rail (CHSR) will run from Merced to Bakersfield (171 miles) at speeds of up to 220 mph.

Coupled with proposed upgrades to commuter rail lines at either end, this project could eventually allow high-speed trains to run the 350 miles (560 kilometers) between Los Angeles to San Francisco metropolitan areas in just two hours and 40 minutes.

CHSR has been on the table as far back as 1996, but its implementation has been controversial.

Disagreements over the route, management issues, delays in land acquisition and construction, cost over-runs and inadequate funding for completing the entire system have plagued the project – despite the economic benefits it will deliver as well as reducing pollution and congestion. Around 10,000 people are already employed on the project.

Costing $63 billion to $98 billion, depending on the final extent of the scheme, CHSR is to connect six of the 10 largest cities in the state and provide the same capacity as 4,200 miles of new highway lanes, 91 additional airport gates and two new airport runways costing between $122 billion and $199 billion.

With California’s population expected to grow to more than 45 million by 2050, high-speed rail offers the best value solution to keep the state from grinding to a smoggy halt.

Brightline West and CHSR offer templates for the future expansion of high-speed rail in North America.

By focusing on pairs of cities or regions that are too close for air travel and too far apart for car drivers, transportation planners can predict which corridors offer the greatest potential.

“It’s logical that the US hasn’t yet developed a nationwide high-speed network,” says Sherin. “For decades, traveling by car wasn’t a hardship, but as highway congestion gets worse, we’ve reached a stage where we should start looking more seriously at the alternatives.

“The magic numbers are centers of population with around three million people that are 200 to 500 miles apart, giving a trip time of less than three hours – preferably two hours.

“Where those conditions apply in Europe and Asia, high-speed rail reduces air’s share of the market from 100% to near zero. The model would work just as well in the USA as it does globally.”

Sherin points to the success of the original generation of Acela trains as evidence of this.

“When the first generation Acela trains started running between New York City and Washington in 2000, Amtrak attracted so many travelers that the airlines stopped running their frequent ‘shuttles’ between the two cities,” he adds.

However, industry observer Vantuono is more pessimistic.

“A US high-speed rail network is a pipe dream,” he says. “A lack of political support and federal financial support combined with the kind of fierce landowner opposition that CHSR has faced in California means that the challenges for new high-speed projects are enormous.”

According to the International Energy Agency (IEA), urban and high-speed rail hold “major promise to unlock substantial benefits” in reducing global transport emissions.

Dr. Fatih Birol, the IEA’s executive director, argues that rail transport is “often neglected” in public debates about future transport systems – and this is especially true in North America.

“Despite the advent of cars and airplanes, rail of all types has continued to evolve and thrive,” adds Birol.

Globally, around three-quarters of rail passenger movements are made on electric-powered vehicles, putting the mode in a unique position to take advantage of the rise in renewable energy over the coming decades.

Here, too, the United States lags far behind the rest of the world, with electrification almost unheard of away from the NEC.

Rail networks in South Korea, Japan, Europe, China and Russia are more than 60% electrified, according to IEA figures, the highest share of track electrification being South Korea at around 85%.

In North America, on the other hand, less than 5% of rail routes are electrified.

The enormous size of the United States and its widely dispersed population mitigates against the creation of a single, unified network of the type being built in China and proposed for Europe.

Air travel is likely to remain the preferred option for transcontinental journeys that can be more than 3,000 miles (around 4,828 kilometers).

But there are many shorter inter-city travel corridors where high-speed rail, or a combination of new infrastructure and upgraded railroad tracks or tilting trains, could eventually provide an unbeatable alternative to air travel and highways.