Cybercrime

Cybercrime / Featured Blogs

Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more

What Are the Connected Assets of Confirmed Fake FBI Domains?

Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020. more

97% of All Global 2000 Companies at Risk from SAD DNS Attack

There is a new threat in town known as "SAD DNS" that allows attackers to redirect traffic, putting companies at risk of phishing, data breach, reputation damage, and revenue loss. What is SAD DNS? No, it isn't the domain name system (DNS) feeling moody, but an acronym for a new-found threat -- "Side-channel AttackeD DNS" discovered by researchers that could revive DNS cache poisoning attacks. more

Cybersecurity Considerations in the Work-From-Home Era

Verisign is deeply committed to protecting our critical internet infrastructure from potential cybersecurity threats, and to keeping up to date on the changing cyber landscape. Over the years, cybercriminals have grown more sophisticated, adapting to changing business practices and diversifying their approaches in non-traditional ways. We have seen security threats continue to evolve in 2020, as many businesses have shifted to a work from home posture due to the COVID-19 pandemic. more

Internet Governance and the Universal Declaration of Human Rights, Part 6: Articles 18-19

Internet Governance, like all governance, needs guiding principles from which policy making, and acceptable behavior, are derived. Identifying the fundamental principles to guide Internet ecosystem policy making around digital citizenship, and around the integrity of digital practices and behavior, can and should start with the Universal Declaration of Human Rights, (UDHR). more

Holiday Shoppers Beware: Tips on Protecting Brand Owners and Consumers from Domain Security Threats

With the COVID-19 pandemic persisting, online shopping will be the preferred method for the 2020 holiday shopping season. While staying home to shop is the safest option right now, it means consumers are more vulnerable to online fraud, counterfeits, and cyber crime. Increased online activity provides opportunities for unscrupulous infringers to abuse trusted brand names to drive visitors to their own fraudulent content. more

An Investigative Analysis of the Silent Librarian IoCs

The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more

ICANN Doubles Down on Technical Internet Governance Label: What Are the Implications?

Back in September of 2020, ICANN CEO Göran Marby wrote a blog post discussing the implementation of "a common strategy for Internet governance (IG) and technical Internet governance (TIG)", raising the question of whether the ICANN org. intended to pursue this distinction moving forward, as debated in a previous article. This was proven to be the case during the 2020 IGF's Open Forum #44: "ICANN Open Forum - Technical Internet Governance", organized by ICANN itself... more

A Brief Look at the Domain Attack Surface of Streaming Media Companies

The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max. more

US Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security

The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more

Industry Updates

Internet Threats Go Viral – Companies Must React to Keep Brands Secure

ZeuS, Still Alive and Kicking in the Form of Jabber ZeuS?

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

Given a Malicious Email Address, What Can You Discover with Maltego's WhoisXML API Transforms?

Crypto-Related Domains and Subdomains: What's Underneath the 30K of Them?

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Together for the Good of the Internet: eco Complaints Office Registers More Reports Than Ever Before

How Reverse IP Lookup API Can Help Detect Connected Domains

Come April, Nothing Is Certain Except Phishing and Taxes

An In-Depth Look at the Risks Kozow.com Subdomains May Pose to Internet Users

Why Protecting Your Brand from Online Fraud is More Important Than Ever

SolarWinds Cyber Intel Analysis Part 2: A Look at Additional CISA-Published IoCs

Cyber Threat Intel Analysis and Expansion of SolarWinds Identified IoCs

All Roads Lead to… Domains: Why the Humble Domain Name is the Foundation of Your Online Security