Cyberattack

Cyberattack / Industry Updates

Dark Caracal: Undisclosed Targeted Attack IoCs Can Pose Risks

Targeted attacks are known as some of the most destructive cyber attacks in that they zoom in on organizations that either provide critical services or have massive user bases. more

Business Email Compromise Attacks: The Big Phishing Scam That’s Easily Missed

Business email compromise (BEC) attacks are arguably the most sophisticated of all email phishing attacks, and some of the most costly. From 2016-2018, BEC alone made $5.3 billion, but it's not an attack that everyone is familiar with. more

Attack Surface Analysis of 3 Social Media Giants

Cybercrime is first and foremost financially motivated. Cybercriminals look for lucrative targets, including social media networks with hundreds of millions of monthly active users. We put this perspective to the test by analyzing the domain attack surface of three of today's largest social media platforms. more

Attack Surface Monitoring: Two Ways to Detect Phishing Subdomains

Phishing attacks' success can be partially attributed to threat actors' use of branded domain names, including both legitimate and misspelled variants. It's no wonder, therefore, that blacklisting sites like PhishTank provide users a way to search phishing URLs by target brand. more

Gathering Context Around Emotet, Trickbot, and Dridex C&C Servers with Bulk IP Geolocation

Dridex, Trickbot, and Emotet are banking Trojans that have enabled cybercrime groups to steal hundreds of millions of dollars from their victims. These malware have evolved over the years, and just recently, Emotet was seen using stolen attachments to make their spam emails more credible. more

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

Threat actors are seasoned posers. They often pose as bank employees, police officers, or court officials. A coronavirus-themed campaign even had them posing as the Director-General of the World Health Organization (WHO). Insurance companies are also increasingly targeted, which can be attributed to the ongoing global health crisis. more

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

David Conrad, CTO of The Internet Corporation for Assigned Names and Numbers (ICANN), recently presented a keynote during a webinar we collaborated on with other internet organizations. This post summarises his explanation of the domain name system (DNS) ecosystem, its vulnerabilities, and threat mitigations. more

Using WHOIS History and Other Intelligence Sources for Establishing Potential Attack Surfaces

Cyber attacks can come from practically any angle, and more often than not, it's hard to see them coming without knowing all there is to know about a domain's WHOIS history and connected domain entities. Several aspects come into play in this scenario, one of which is old and forgotten pages on a website. more

Domain Intelligence Shows Cybercriminals May Abuse Video-Conferencing Services’ Brand Names

As a huge chunk of the world's population is staying at home because of social distancing measures, video-conferencing businesses saw an opportunity to expand their freemium offers. more

How Cyber Threat Intelligence Feeds Can Support MSSPs

Organizations that don't have a dedicated pool of cybersecurity experts often hire managed security service providers (MSSPs) to help them ward off attempts and attacks. Yet in today's ever-dangerous cyber threat landscape, even the best service providers may fall for cybercriminals' traps. more