Threat Intelligence

 Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 24, 2019 |   Read More |   15,533

Reverse WHOIS: A Powerful Process in Cybersecurity

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider Jun 14, 2019 |   Read More |   16,118

WHOIS History API: Powering Domain Investigations

WhoisXML API
A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider May 22, 2019 |   Read More |   14,857

Threat Intelligence / Industry Updates

Checking Out the DNS for More Signs of ResumeLooters

Mar 22, 2024

Group-IB uncovered ResumeLooters, a threat actor group specializing in victimizing job hunters to steal their personally identifiable information (PII).

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Mar 19, 2024

In the past two decades, at least 41 advanced persistent threat (APT) groups have launched attacks on entities and organizations based in North America.

Searching for Potential Propaganda Vehicle Presence in the DNS

Mar 16, 2024

The Citizen Lab recently uncovered an ongoing online propaganda campaign they have dubbed "PAPERWALL" that has been targeting local news outlets across 30 countries in Europe, Asia, and Latin America.

Following the VexTrio DNS Trail

Mar 13, 2024

VexTrio, a traffic distribution system (TDS) provider believed to be an affiliate of ClearFake and SocGholish, among other threat actors, has been active since 2017.

DarkGate RAT Comes into the DNS Spotlight

Mar 08, 2024

In the past, DarkGate attacks were either lumped together with or classified as BattleRoyal remote access Trojan (RAT) attacks. Recent evidence, however, showed the two malware are not one and the same.

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

Mar 06, 2024

Among the latest to suffer from zero-day exploitation is Ivanti, a software company providing endpoint management and remote access solutions to various organizations, including U.S. federal agencies.

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

Mar 04, 2024

Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019. However, WhoisXML API threat researcher Dancho Danchev posits that parts of its backend infrastructure may remain traceable.

DNS Deep Diving into Pig Butchering Scams

Feb 28, 2024

New kids on the cybercrime block, pig butchering scams, have been making waves lately, and it is not surprising why. Scammers have been earning tons from them by being able to trick users into investing in seemingly legitimate business ventures but losing their hard-earned cash instead.

The New RisePro Version in the DNS Spotlight

Feb 23, 2024

RisePro, a malware-as-a-service data stealer, has been plaguing users since 2022. ANY.RUN recently discovered and analyzed its latest version in great depth and identified 10 indicators of compromise (IoCs) -- three domains and seven IP addresses.

Tracking Down Sea Turtle IoCs in the DNS Ocean

Feb 21, 2024

The Sea Turtle threat group recently made headlines when it expanded its operations to target ISPs and telecommunications and media companies in the Netherlands. In the past, Sea Turtle primarily targeted organizations in the Middle East and the U.S. using DNS hijacking and man-in-the-middle (MitM) attacks.

Most Popular

Unlocking the DNS Strongbox of BADBOX 2.0

Unearthing the DNS Roots of the Latest Lotus Blossom Attack

Detectify vs Intruder: External Attack Surface Management on a Budget

Rounding Up the DNS Traces of RA World Ransomware

Tempering Tax Season Troubles with DNS Intel

Decrypting the Inner DNS Workings of EncryptHub

Tracing the DNS Footprints of REF7707

Igniting a DNS Spark to Investigate the Inner Workings of SparkCat

DNS Deep Diving Into 2025’s Up and Coming Ransomware Families

A DNS Investigation of SEO Manipulation via Bad Seed BadIIS