Industry

Domain Shadowing IoC Expansion Led to Thousands of Possible Connections

Palo Alto Networks threat analysts discovered more than 12,000 cases of domain shadowing after scanning the Web from April to June 2022. For this threat, all cybercriminals need to do is create malicious subdomains under legitimate domains... more

Legal Services as a Phishing Target: How Domain Reputation Checks Can Help

The legal sector has become a favored target of phishing campaigns. 80% of law firms reportedly received phishing emails in 2018. And in 2017, the success of these phishing campaigns was 300% higher than in 2016. more

Vertical Integration: A View from the Bottom Up

An interesting thing happened on the way to ICANN's new Affirmation of Commitments. ICANN staff has consistently recommended a reversal of its longstanding policy that prohibits a registry from acting as a registrar in its own top level domain ("TLD"). We see two good reasons why this anti-consumer proposal is unacceptable. more

Profiling the Massive Infrastructure Behind the Democratic National Committee Cyberintrusion

The Democratic National Committee (DNC) breach was a high-profile cyber attack in recent history. Years later, the cybersecurity community can still benefit from insights and actionable intelligence relevant to the attack. In line with this, WhoisXML API threat researcher Dancho Danchev dove deep into the DNS system intrusion using publicly available indicators of compromise (IoCs). We further enriched his findings, allowing us to uncover: more

What’s the Domain Attack Surface of the Top 10 Most Impersonated Brands in Q2 2021?

Domain attack surface discovery is an incessant quest for domain and subdomain names that could be used as attack vectors. The larger its attack surface, the more vulnerable an organization tends to be. On the other hand, the more attack vectors discovered, the higher the chances of mitigating cyber attacks. more

Afilias Releases 160,000+ Names Across 8 New TLDs

Previously reserved "ICANN collision" names now available to public. Couldn't register for great names like caribbean.blue, bake.organic, or planet.red? Now you can! more

How IP Netblocks Data Can Enrich SIEM Software

There's no denying the fact that many enterprises worldwide use security information and event management (SIEM) software. These products collect, analyze, and create reports on cybersecurity data from the range of systems an organization uses. Some SIEM programs are even capable of stopping attacks in progress as soon as these are detected. more

Afilias’ Project Safeguard to Boost Global DNSSEC Deployment by 50 Percent

Afilias, a global provider of Internet infrastructure services, today announced that it will deploy Domain Name System Security Extensions (DNSSEC) across its registry platforms, signing 13 more top-level domains (TLDs) and increasing DNSSEC deployment among domain registries by 50 percent. more

DNS Insights behind the JumpCloud Supply Chain Attack

Even solutions meant to enhance security can sometimes fall prey to the best cyber attackers. That's what happened to JumpCloud, a cloud-based directory service platform designed to centralize and simplify identity access management (IAM). more

Radix Adds Dyn as a DNS Service Provider

Radix has contracted global industry leader Dyn to become its second supplier of DNS services for all its new domains. Dyn's DNS service will run concurrently with Radix's existing DNS services, thereby adding a layer of DNS redundancy. more

Hybrid Cloud Proves Clouds Are Worthy of Email Infrastructure

With the cloud, senders no longer need to plan for and procure MTAs and other IT infrastructure weeks or months in advance. Instead, they can instantly access hundreds or thousands of servers in minutes and deploy massive amounts of emails faster than ever. more

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

On 16 October, Web.com – the world's oldest domain name provider and owner of Network Solutions, NameSecure, and Register.com – disclosed a major breach resulting in the leakage of its customers' personally identifiable information (PII). more

Detectify vs Intruder: External Attack Surface Management on a Budget

Choosing an attack surface management or a vulnerability management platform often comes down to identifying which tool provides the right mix of visibility, automation, and precision that matches your team's needs, ideally at as low a price as possible. more

Should Cracks and Keygens Remain a Cybersecurity Concern?

Cracks and keygens have long been a problem for software vendors in that they allow users to install their products without needing to pay for a legitimate license. As the Internet and website development advanced and became more accessible, the number of sites offering software cracking tools grew. more

.ORG Celebrates 25th Anniversary of Very First Registration - MITRE.org

As one of the original top-level domains, .ORG, The Public Interest Registry (PIR) today congratulates The MITRE Corporation for being the first registrant 25 years ago with the .ORG domain. Purchased on July 10, 1985, MITRE.org jumpstarted over 8 million subsequent registrations by becoming the very first .ORG domain holder. more