Cybercrime

A Log4Shell Malware Campaign in the DNS Spotlight

The Log4Shell zero-day vulnerability, also known as "CVE -- 2021 -- 44228," proved to be one of the worst bugs disclosed in December 2021. And while a patch for it has been made available via the Log4j 2.17.1 release seven days after its discovery, some affected systems could remain vulnerable to date.

A Fake ID Marketplace under the DNS Lens

The concept of internationalization extends from the virtual to the physical realm. Many people wish to travel or even migrate to other countries at some point in their lives. Unfortunately, that's sometimes easier said than done given the many legal documents, including valid IDs, passports, and others required.

Behind the Genesis Market Infrastructure: An In-Depth DNS Analysis

As long as cybercriminals remain in business, so will the number of underground marketplaces grow. And despite the crackdown on the biggest markets like Silk Road, cybercriminals will continue to strive to put up their own marketplaces, probably given their profitability. Case in point?

Rogue Bulletproof Hosts May Still Be Alive and Kicking as DNS Intel Shows

Rogue bulletproof hosts are part and parcel of the cybercriminal market that is hidden deep underground. Without means to easily evade detection, attribution, and incarceration, many of today's cybercriminals would not be able to continue their malicious operations.

Phisher Abusing .com TLD?

Phishing campaigns almost always require a massive volume of domains in order to succeed. Phishers, after all, need to have readily weaponizable vectors at their disposal in case the ones they're currently employing get detected and consequently blocked.

The Makings of ADHUBLLKA According to the DNS

It's not uncommon for cybercriminals to tweak an existing piece of malware and then call it a new creation. We've seen that happen even in malware's earliest days. It's actually happening more and more these days, especially with the rise of the malware-as-a-service (MaaS) business model.

Thawing IcedID Out Through a DNS Analysis

Evolution isn't only for humans and other living things. Apparently, malware can evolve, too, and IcedID is a good example. First detected as a banking trojan in 2017, IcedID continues to undergo updates that make it even more dangerous. In the past few months, IcedID variants have been observed to deliver ransomware payloads instead of performing its original function -- stealing financial data.

New CSC Research Indicates Launch of Threads by Instagram is Already a Growing Target for Fraud and Brand Abuse

On July 5, 2023, Meta's Instagram released "Threads" -- an online social media and social networking service offering users the ability to post and share text, images, and videos, as well as interact with others and join public conversations through posts, replies, reposts, and likes.

WhiteSnake Stealer Serpentines through the DNS

It's not unusual for data stealers to target several browsers simultaneously. Zooming in on multiple platforms at once, including email clients, gaming portals, chat apps, crypto wallets, and even VPN-protected services, however, is quite novel.

CSC Launches Groundbreaking Domaincasting Digital Blocking Network

CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, has launched its new Domaincasting^SM digital blocking network - a complement to its current Enforcement services.