Cybersecurity

Exposing Rogue Free VPN Users – An OSINT Analysis

According to recent research conducted by DNS Threat Researcher Dancho Danchev, the National Security Agency (NSA) seemingly runs a free VPN domain portfolio to lure malicious users and learn more about their Internet activities. more

Root Certification Expiration: Is Your Business Continuity in Jeopardy?

If your organization includes Android devices as part of its bring-your-own-device (BYOD) policy or uses embedded systems, then a recent root expiration for Let's Encrypt digital certificates may potentially place your organization at risk. This update will cover what you need to be aware of and how this potential blind spot can impact your organization. more

Majority of World’s Largest Companies Susceptible to Phishing and Brand Abuse Due to Improper Domain Security

We have recently released our annual Domain Security Report: Forbes Global 2000 Companies, which found that despite the shift to modernize business environments and operations among the Global 2000 companies, web domains remain dangerously under-protected. more

Upcoming Hollywood Movie Releases and Domain Registration Trends, Is There a Connection?

It’s not uncommon to see news stories that blame piracy or prerelease leakages for poor movie revenue turnouts. We’ve seen that happen over time with movies like “X-Men: Origins Wolverine,” “Star Wars: Episode III: Revenge of the Sith,” and “Expendables 3.” more

An Analysis of the Gaming Industry’s Domain Attack Surface

The videogame industry has outperformed the movie and North American sports industry in 2020, and market experts expect the trend to continue on in 2021. So reports about the increasing cyber attacks targeting the said industry is not surprising as threat actors tend to go after lucrative targets. more

Phorpiex Botnet Extortion: DNS Facts and Findings

The Phorpiex botnet has been operating for years now. It first focused on distributing old-school worms that spread via infected USB drives or through chats that relied on the Internet Relay Chat (IRC) protocol. more

Beyond Hafnium Attacks: An Expansion of IoCs Related to 3 APT Clusters

The Hafnium attacks targeting Microsoft Exchange Server vulnerabilities triggered several cybersecurity investigators and researchers to hunt for other threat actors that use similar attack methods. Among them is the Cybereason News Network. more

Credential-Hinting Domain Names: A Phishing Lure?

As an attack vector, phishing has had several underlying purposes – e.g., delivering malware, stealing sensitive information, and defrauding victims. However, it looks like most phishing emails could be used to obtain user credentials according to the 2021 Annual State of Phishing Report by Cofense. more

What Are the Internet Domains Connected to the Conficker Botnet?

Conficker gained prominence back in 2008, when it was then considered possibly the most widespread worm affecting millions of Windows computers worldwide. For several years, the worm, also known as "Downup," "Downadup," "Downad," or "Kido," was the top malware infector. more

Investigation of an Iranian Misinformation Network: Are Some IRGC Domains Still Up?

June 2021 saw the U.S. Department of Justice (DOJ) shutting down and seizing several websites believed to be involved in misinformation campaigns. These websites published news-related content and seemingly had connections to Irani governmental entities. In fact, some of them were found to be the property of the Iranian Islamic Radio and Television Union (IRTVU). more