Industry

A Look Back at the Top 10 Ransomware of 2025

A retrospective analysis of 2025's top ransomware groups reveals how DNS traces, historical WHOIS records, and network IoCs exposed hidden infrastructure, affiliate activity, and thousands of potential victim connections linked to major cybercriminal operations. more

IPv4 Market Shows Signs of Stabilization as Demand Holds Firm

After months of decline, the IPv4 market is showing signs of stabilization. April pricing held steady across block sizes as resilient demand, broader transaction activity, and improving buyer confidence pointed toward a more constructive market environment through 2026. more

A Network IoC Analysis for 8 Iran-Affiliated APT Groups

An analysis of 191 network indicators tied to eight Iran-affiliated APT groups uncovered malicious domains, active infrastructure, thousands of victim-linked IP interactions, and coordinated DNS activity, revealing the breadth and persistence of Tehran-linked cyber operations amid escalating regional tensions. more

Firms Stick With “.com” While Cyber Risks Redefine Domain Strategy

Corporate domain strategies remain anchored in legacy extensions even as new domains proliferate, forcing firms to balance global reach, regional needs and rising fraud risks in an increasingly complex digital landscape. more

Unearthing DNS Facts about UAT-8099

WhoisXML API analysis deepens understanding of the UAT-8099 campaign, uncovering expanded DNS infrastructure, early indicators of malicious intent, and thousands of linked artifacts, underscoring the group's evolving tactics and regional focus across Asia. more

DNIB Reports 392.5 Million Domain Name Registrations in Q1 2026

The first quarter of 2026 closed with 392.5 million domain name registrations across all top-level domains (TLDs), an increase of 24.1 million domain name registrations compared to the first quarter of 2025, according to the latest issue of the Domain Name Industry Brief Quarterly Report released Thursday at DNIB.com. more

ForceMemo in the DNS Spotlight

Researchers tracing the ForceMemo campaign uncover a sprawling DNS footprint, linking compromised GitHub repositories to suspicious domains, shared infrastructure and fresh artifacts, suggesting a coordinated operation that continues to evolve despite partial attribution. more

Domains: The Overlooked Frontline in IP Protection

Domains have quietly become the primary entry point for online IP infringement, yet most firms lack visibility over portfolios, leaving brands exposed and prompting a shift toward integrated, proactive domain governance and security. more

IPv4 Market Shows Early Signs of Stabilization Amid Persistent Demand

After months of declining prices, the IPv4 market shows early signs of stabilisation, with firming prices, resilient global demand, and sustained transaction volume suggesting a gradual rebalancing rather than a structural downturn. more

DNS Analysis of the Keenadu Backdoor Network

Keenadu backdoor embedded in Android firmware exploits supply chains and OTA updates, while DNS analysis of its infrastructure reveals coordinated domains, IP links, and early warning signals pointing to premeditated, scalable cybercriminal operations globally distributed. more

A DNS Exploration of Operation Olalampo

MuddyWater's Operation Olalampo targets MENA entities using new malware and Telegram-based control, as DNS analysis uncovers fresh infrastructure, thousands of linked domains, and expanded indicators pointing to a broader, coordinated campaign. more

DNS Deep Dive: LummaStealer + CastleLoader = Larger Threat

LummaStealer's revival, paired with CastleLoader, reveals a more evasive malware ecosystem, leveraging obfuscation, DNS agility and vast infrastructure to reach over 100,000 potential victims while spawning hundreds of linked malicious domains and IPs globally observed. more