BlackNet RAT, first discovered during the COVID-19 pandemic and distributed via spam messages offering an effective cure for the virus, seems to have outlived the global crisis.
Google's announcement of the launch of the .zip ngTLD was met by a lot of debate. Many believe threat actors could abuse the ngTLD for phishing and other malicious campaigns, primarily since it could be easily confused with the .zip file extension.
Phishing campaigns almost always require a massive volume of domains in order to succeed. Phishers, after all, need to have readily weaponizable vectors at their disposal in case the ones they're currently employing get detected and consequently blocked.
On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network's intranet gateway.
Phishing, despite its age and infamy, remains one of the top threats to corporate and personal networks alike. And it's not hard to see why -- it continues to be effective. In fact, more than a third of all data breaches today involve phishing.
The latest fraud data Sift published in "Q2 2023 Digital Trust & Safety Index" revealed that 78% of users are concerned that fraudsters could exploit AI tools to victimize them.
Even if cyber attack tactics, techniques, and procedures (TTPs) have become increasingly sophisticated over the years, age-old phishing remains the most-used attack vector to this day.
Scammers and fraudsters have been making life hard for users the world over for a long time now. To help expose potential malicious campaigns, threat researchers like Dancho Danchev have been collating indicators of compromise (IoCs) that can be used in further investigations.
APT29, believed to be an espionage group from Russia, became known for launching targeted attacks against organizations in Ukraine. But over the course of investigating the threat group, Mandiant discovered that it may have a hand in cybercriminal operations, specifically phishing, as well.
The Federal Bureau of Investigation (FBI) shut down BreachForums, a forum for English-speaking black hat hackers, on 21 March 2023, following the arrest of its owner Conor Brian Fitzpatrick.
CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, has launched its new Domaincasting℠ digital blocking network - a complement to its current Enforcement services.
The first major campaign of cyber espionage group MuddyWater, or Mercury, was seen as early as 2012. But as things always go in the cybersecurity realm, threat groups, especially those that gain infamy, don't necessarily just come and go.
APT41, also known as "Winnti," "BARIUM," or "Double Dragon," is an APT group said to originate from China. Having been active since 2012, APT41 rose to infamy by successfully launching targeted cyber espionage attacks on government agencies and private companies worldwide.
Even solutions meant to enhance security can sometimes fall prey to the best cyber attackers. That's what happened to JumpCloud, a cloud-based directory service platform designed to centralize and simplify identity access management (IAM).
Lorec53, a relatively new APT group according to NSFocus, actively targeted various Eastern European government institutions in 2021. The threat actors used well-crafted phishing campaigns to gather and steal data from their targets. Two years after their heyday, is the threat Lorec53 poses gone? Or has the group left still-active traces in the DNS?