Industry

From URSNIF IoCs to Software Spoofing: Using DNS Intel to Connect the Dots

Financially motivated threat actors called "TA544" were first detected in 2017. TA544 is known for high-volume campaigns, sending hundreds of thousands of malicious messages daily. more

Does Your Supplier’s Domain Oversight Impact You?

You are a distributor that sells your supplier's brands, so aside from worrying about your own company's domains, you've got nothing else to worry about, right? more

Thawing IcedID Out Through a DNS Analysis

Evolution isn't only for humans and other living things. Apparently, malware can evolve, too, and IcedID is a good example. First detected as a banking trojan in 2017, IcedID continues to undergo updates that make it even more dangerous. In the past few months, IcedID variants have been observed to deliver ransomware payloads instead of performing its original function -- stealing financial data. more

What’s Your .AI Domain Strategy?

Artificial intelligence (AI) is in the news every day and corporate strategies are evolving to adapt our businesses to AI use. 75% of companies have already integrated AI into their business strategies and a whopping 83% of companies consider using AI in their strategy to be a high priority according to Accenture. more

Examining WoofLocker Under the DNS Lens

WoofLocker tech support scams have been wreaking havoc since 2017 but the threat actors behind it don't seem to be done yet. In fact, the threat may have become even more resilient. more

Decoy Dog, Too Sly to Leave DNS Traces?

Decoy Dog, a malware renowned for abusing the DNS, specifically by establishing command and control (C&C) via DNS queries, first reared its head most likely in early 2022. Given its sly nature, the DNS malware has been used to successfully steal data from organizations throughout Russia and other Eastern European nations. more

Will Redis Remain on Threat Actors’ Radar?

Threat actors have been targeting vulnerable Redis instances since February 2022 when the Redis Lua Sandbox Escape and Remote Code Execution Vulnerability, also known as "CVE -- 2022 -- 0543," was discovered. The Mushtik Gang was one of the first cyber attack groups to exploit it. more

Radix’s Releases H1 2023 Premium Domains Report, Reaches $4.6M in Total Premium Domain Name Retail Revenue

Radix has shared its bi-annual premium report for the first half of 2023, giving a complete overview of the premium domain sales across its new TLD portfolio. more

RedHotel Attack Infrastructure: A DNS Deep Dive

We began our analysis by subjecting the domains identified as IoCs to Threat Intelligence Platform (TIP) lookups. Those allowed us to uncover these WHOIS record findings. more

APNIC56 Policy Proposals

APNIC56 is in Kyoto, Japan September 7–14. This year, there are four new policies being proposed and an edit to a policy previously discussed several times. more

Domain Name Industry Brief Quarterly Report: DNIB.com Announces 356.6 Million Domain Name Registrations in the Second Quarter of 2023

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the second quarter of 2023 closed with 356.6 million domain name registrations across all top-level domains (TLDs), an increase of 1.7 million domain name registrations, or 0.5%, compared to the first quarter of 2023. more

Radix Launches RFP for a Registry Service Provider (RSP)

Radix today announced the beginning of its invite-only Request for Proposal (RFP) process for the selection of a Registry Service Provider (RSP). Radix currently manages over 7 million domains across extensions that include .Online, .Store, .Tech, .Website, .Space, .Press, .Site, .Host, .Fun, .Uno, .Pw and .In.net. more