Cyberattack

Cyberattack / Featured Blogs

Cyberspace Solarium Commission Report

The Cyberspace Solarium Report released today is another, in an endless string of reports, that disgorge from Washington committees dealing with the eternal mantra of "defending American interests and values in cyberspace." The challenges (and many reports) here trace back 170 years when transnational telecommunication internets emerged. The dialogue and reports scaled in the 1920s with the emergence of radio internets and cyber threats, then again in the early 1980s... more

Cyberspace Security in Africa – Where Do We Stand?

Very few African states today have developed a national cybersecurity strategy or have in place cybersecurity and data protection regulations and laws. Yet, the continent has made major headway in developing its digital ecosystem, and moreover, it is home to the largest free trade area in the world, which is predicted to create an entirely new development path harnessing the potential of its resources and people. more

DNS, Domain Names, and Certificates: The Missing Links in Most Cybersecurity Risk Postures

In 2019, we've seen a surge in domain name system (DNS) hijacking attempts and have relayed warnings from the U.S. Cybersecurity and Infrastructure Agency, U.K.'s Cybersecurity Centre, ICANN, and other notable security experts. Although the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls -- domains, DNS, digital certificates. more

Encryption, Our Last Line of Defense

Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more

Cybercriminals Benefitting from Stalled Privacy/Proxy Policy

We've seen alarmingly BIG increases in multiple abusive behaviors – like phishing, hacking and malware – that often leverage the domain name system (DNS) and privacy/proxy services. Cybercriminals capitalize on gaps in DNS security measures, and ICANN is holding the door open for them by failing to implement their privacy/proxy policy. If you are ever targeted, you are not alone. more

Cybercriminals Weaponize Bulk-Registered Domain Names

Domain names that can be rapidly acquired, used in an attack, and abandoned before they can be traced are a critical resource for cybercriminals. Some attacks, including spam and ransomware campaigns and criminal infrastructure operation (e.g., "botnets"), benefit particularly from the ability to rapidly and cheaply acquire very large numbers of domain names – a tactic known as bulk registration. more

Proactive Cybersecurity: What Small Businesses Can Actually Do

In the business world, there are two main paths a company can take with cybersecurity -- the reactive and the proactive approach. The problem with a purely reactive attitude is that it can easily put companies in constant firefighting mode. And for small companies with limited resources, this can turn out to be an increasingly uncomfortable place to be in.
With that in mind, experts today suggest proactive cybersecurity by monitoring suspicious activity and identifying risks before they turn into full-blown attacks. more

Threat Intelligence in Latter 2019: Overcoming the Same and New Challenges

Does threat intelligence (TI) work? I looked into that question last year, exploring the reasons why it actually doesn't and what can be done to remediate the situation. Since then, more companies have incorporated TI into their security processes, and many are still not getting the benefits they expect. What's causing the dissatisfaction? Interestingly, pretty much the same aspects... more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

Why Passive DNS Matters in Cybersecurity

Imagine a scenario. Your website analysis shows that your page has stopped receiving visitors, yet there are no complaints that your domain is unreachable. Strange, isn't it? You are certainly wondering: What's going on? Where are my customers? You see, what happened is that you are facing the consequences of the lack of domain name system (DNS) security. more

Industry Updates

Using WHOIS History and Other Intelligence Sources for Establishing Potential Attack Surfaces

Domain Intelligence Shows Cybercriminals May Abuse Video-Conferencing Services' Brand Names

How Cyber Threat Intelligence Feeds Can Support MSSPs

Brand Monitor and Typosquatting Data Feed: Two Assets to Support Spear-Phishing Prevention

What Cyber Threat Intelligence Tools Can Reveal about a Targeted Attack

MarkMonitor Releases New gTLD Quarterly Report for Q1 2020

3 Ways a DNS Lookup Tool Can Help Prevent DNS Attacks

How a Passive DNS Database Can Help Improve Cyber Resilience

How to Build an Attack Profile with WHOIS Database Download as a Starting Point

How IP Geolocation Lookups Help Thwart Cyber Attacks

Fight Against Phishing: Email Address Verification as a Cybersecurity Process

How to Avoid IP Spoofing with a Reverse IP Address Lookup Service

DNS Hijacking: The Iranian Cybersecurity Threat That May Be Overlooked

Mitigating Phishing Attacks on Cloud/File Storage Services through Domain Reputation API

Mobile Apps Take the Lead, Scammers Follow