RedLine Stealer seems to have stolen cybercriminals' hearts as its usage has continued despite cybersecurity efforts to thwart it. Researchers have published reports about the stealer in the past, but its operators may have updated their arsenal with new domains and IP addresses to evade detection and consequent mitigation. more
Last year, several governments reportedly used the NSO Group's spyware Pegasus to exploit a zero-day vulnerability in WhatsApp to spy on journalists, opposition politicians, and dissidents via their mobile devices. Apple quickly addressed the issue by launching more powerful data protection features. more
Organizations get bombarded with countless attacks from every direction, including via their supply chain. FortifyData's recent record of the top third-party data breaches in 2023 brings to light how multidirectional threat sources can be. In one of the data breaches on the list, AT&T disclosed in March 2023 that threat actors accessed the information of approximately 9 million wireless accounts through the telecommunication company's marketing vendor. more
Rogue bulletproof hosts are part and parcel of the cybercriminal market that is hidden deep underground. Without means to easily evade detection, attribution, and incarceration, many of today's cybercriminals would not be able to continue their malicious operations. more
The concept of internationalization extends from the virtual to the physical realm. Many people wish to travel or even migrate to other countries at some point in their lives. Unfortunately, that's sometimes easier said than done given the many legal documents, including valid IDs, passports, and others required. more
Avid philanthropist, entrepreneur, and creator, MrBeast, AKA Jimmy Donaldson, has switched his official merch store from shopmrbeast.com to the more intuitive mrbeast.store. He announced his move to the .Store domain in his most recent video, which garnered close to 70M views in less than 3 days. more
We've proven time and again that the effects of current events always extend to the DNS. Just last month, two big banks - the Silicon Valley Bank (SVB) and Credit Suisse - collapsed. Financial experts said more banks may be bound to follow. more
XLoader has been plaguing macOS users since it was first discovered in 2021. Back then, though, it only posed a threat to those who opted to install Java on their systems. more
DNS abuse combined with redirection seems to be gaining popularity as a stealth mechanism. We've just seen Decoy Dog employ the same tactic. More recently, a still-unnamed JavaScript (JS) malware has been wreaking havoc among WordPress site owners by abusing Google Public DNS to redirect victims to tech support scam sites. more
The Kimsuky Group, believed to be a North Korea-based advanced persistent threat (APT) group active since 2013, struck again several times this year. They gained notoriety for launching spear-phishing attacks on targets to gain initial access. more
It's not uncommon for cybercriminals to tweak an existing piece of malware and then call it a new creation. We've seen that happen even in malware's earliest days. It's actually happening more and more these days, especially with the rise of the malware-as-a-service (MaaS) business model. more
Given the ubiquity of mobile phone usage, you'd think we'd all know by now how to tell legitimate from scammy text messages. Then again, cybercriminals are always on top of their game -- learning how the latest technologies work and finding ways to abuse them. more
We began our analysis by subjecting the domains identified as IoCs to Threat Intelligence Platform (TIP) lookups. Those allowed us to uncover these WHOIS record findings. more
Decoy Dog, a malware renowned for abusing the DNS, specifically by establishing command and control (C&C) via DNS queries, first reared its head most likely in early 2022. Given its sly nature, the DNS malware has been used to successfully steal data from organizations throughout Russia and other Eastern European nations. more
Since 2014, more than 800 new domain extensions have been added to the internet. In addition to the ubiquitous .com and country-code extensions such as the United Kingdom's .uk and Japan's .jp, unique spaces have been created for industry sectors, special interests, geographical regions and more. more
Sponsored byRadix
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byWhoisXML API