Industry

Latest

Looking Into the Latest Microsoft Exchange Server Vulnerability Exploitation

A threat actor reportedly infiltrated the network of and stole data from a financial institution about a month ago by exploiting any of four Microsoft Exchange Server vulnerabilities -- CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, or CVE-2021-27065. While patches for all these have been released, users who have not downloaded and installed these could remain at risk. more

Radix’s .Tech Domains Partners with Code.org to Bridge Widening Gender, Race Gap in Computer Science

.Tech Domains, the leading new domain extension for the tech ecosystem, recently announced that it is collaborating with Code.org, a nonprofit dedicated to expanding access to computer science in schools. more

Hidden Botnet C&C on Legitimate Infrastructure? The Case of 000webhostapp[.]com

Threats can come from anywhere, even from legitimate hosting infrastructure. In fact, many cybercriminals often host their command-and-control (C&C) servers in known hosting providers' networks, sometimes those that offer bulletproof hosting services, to evade detection and consequent blocking. more

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

Magecart-style attacks have been around for a while and continue to be mentioned in the news in 2021. We found and collected a list of 20 domain names that have been mentioned in the past months on VirusTotal as Magecart indicators of compromise (IoCs). more

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Addressing Domain Name System (DNS) abuse has been a priority of the Internet Corporation for Assigned Names and Numbers (ICANN), notably since March 2020. During its 70th conference, the organization's members talked about creating a web page defining DNS abuse-related terms, which should be updated over time, to help users report cases. more

Changing Roles Changes Risk

Managing a company's digital assets, administrators must keep their eyes on who has access to important resources like domains, domain name servers, and digital certificates - and with which vendors. more

Protecting Intellectual Property Protects Consumers

Next week we will celebrate World IP Day. Observed annually on the 26th of April, World IP Day was created by WIPO in 2000 to highlight the critical role that intellectual property plays in our daily lives and in society as a whole. more

“Voltswagen”: April Fool’s Prank, Brand Turmoil, and Bulk Domain Registrations

The accidental leak of Volkswagen's new name that turned out to be an April Fool's prank made headlines. Some were relieved that it was just a marketing stunt, while others cried foul. But those in the field of cybersecurity became more curious. What did the cyber world look like during the supposed leakage until the announcement that it was a prank? more

Leasing IPv4 Addresses in the Dawn of the New Internet Era

Increased use of internet services, broader application of IoT devices, and COVID-related shift to remote work are just a few factors accelerating the transition to the new era of the Internet. However, the current network architecture is falling behind the imposed expectations to support new-age integrations, leaving one to wonder if the gap will close up any time soon. more

What Are the Common Forms of Bulk Domain & Typosquatting Registrations?

Typosquatting can enable a variety of cyber threats that include but are not limited to phishing, malware-enabled attacks, and vulnerability exploitation. In a nutshell, the attackers can rely on the technique to mimic legitimate solution and service providers' domains to trick users into thinking they are getting update notifications from their vendors, for example, when they are actually not. more

Together for the Good of the Internet: eco Complaints Office Registers More Reports Than Ever Before

For 25 years, the Complaints Office of eco -- Association of the Internet Industry has been successfully combatting illegal content on the Internet. The 2020 report now available shows that the independent hotline is making a significant contribution to the take-down and criminal investigation of illegal content. more

We Detected and Analyzed Thousands of CCTV-, Firewall-, and SCADA-themed Domains & Subdomains

Did you know that a comprehensive subdomain database can give you 69,383 fully qualified domain names (FQDNs) with the string "firewall," 241,654 FQDNs for "cctv," and 19,048 FQDNs for "scada"? That data can give cybersecurity researchers possible starting points for an article or even a full-blown research paper. more