Industry

Latest

2022 CSC Domain Security Report Finds Nearly Three-Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats

We have just released our third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures - exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures. more

Black Friday and Cyber Monday Bring on the Scariest Sales

Black Friday and Cyber Monday are two of the most-awaited shopping events each year. That said, they have also become favored scammer targets for the most ingenious campaigns designed to part shoppers with their cash or, worse, identities. more

RIPE 85 News Update

Over 1,000 organizations are each waiting more than 300 days to get a block of just 256 IPv4 addresses -- a /24 -- in the RIPE region. The RIPE NCC warned that the wait time will soon reach 24 months despite allocating 900 /24s in the last year. more

Dormant Colors IoC Expansion: Don’t Install Browser Extensions from These Domains

Internet users are being tricked into installing browser extensions that can hijack their web searches. The end goal could be to insert affiliate links, but who knows what other malicious activities the threat actors behind them are capable of? more

Rogue Tor Browser: When Search for Anonymity Leads to Exposure Instead

Anyone who wishes to browse the Internet without the prospect of being spied upon by others, whether for legal or illegal purposes, can always rely on using the Tor browser if they're so inclined.  more

Domain Shadowing IoC Expansion Led to Thousands of Possible Connections

Palo Alto Networks threat analysts discovered more than 12,000 cases of domain shadowing after scanning the Web from April to June 2022. For this threat, all cybercriminals need to do is create malicious subdomains under legitimate domains... more

A Call for Help May Lead to Malware: BazarCall IoC Analysis and Expansion

More sophisticated BazarCall campaigns have been circulating and delivering ransomware entry points to victims. While the bait still involves urgent notification emails about nonexistent purchases or subscriptions, the subsequent phase highlights the threat actors' manipulative skills. more

Eternity’s LilithBot, Soon Available to Regular Internet Users?

Eternity, also known as the "EternityTeam" or "Eternity Project," has been active since January 2022 and tied to the Jester Group. It gained infamy for using the as-a-service subscription model to distribute its own brand of malware modules via underground forums. more

A Closer Look at Active Cyber Jihad Web Properties

Cyber jihad loosely refers to Islamic extremist terrorists' use of the Internet as a communications, fundraising, recruitment, training, and planning tool in their war against their enemies. Some of their most commonly cited enemies include the U.S., Western European countries, secular Arab governments, and Israel. more

Alleviating BlackEnergy-Enabled DDoS Attacks

BlackEnergy first appeared in 2007. Designed to launch distributed denial-of-service (DDoS) attacks or download customized spam or banking data-stealer plug-ins, it was again used to target the State Bar of Georgia last May more

Decoding the Decade: 10 Years of Radix

During the past ten years, Radix has become one of the world's leading new domain registries, including new extensions such as .ONLINE, .STORE, .TECH, .WEBSITE, .SPACE, .PRESS, .SITE, .HOST, .FUN and .UNO. more

Insights Into an Active Spam Domain Portfolio

Malicious spam, possibly the oldest kind of cyber threat, likely remains one of enterprises' biggest security concerns. Regardless of form and affected device, clicking a malicious link embedded in a spam email or downloading a malware-laden attachment can lead to financial, data, or identity theft. more