Cybersecurity


Cybersecurity and the Environment: 4 Reasons Why They Are Well-Suited

Earth Day 2022's theme is Invest in Our Planet, collectively putting our governments, businesses, and people in charge of how they should be investing in our planet so it's here for generations to come. Last year, during COP26 in Glasgow, diplomats from almost 200 countries reached a deal to fight climate change.

Expanding the Conti Ransomware IoCs Using WHOIS and IP Clues

On 9 March 2022, the Cybersecurity and Infrastructure Security Agency (CISA) added 98 indicators of compromise (IoCs) to their Conti ransomware alert page. WhoisXML API researchers examined these flagged domain names for recurring characteristics to uncover more artifacts.

HermeticWiper: Another Threat Targeting Ukraine at Large

HermeticWiper, also known as "IsaacWiper" or "Sandworm," which wipes the data on computers, rendering them useless, has reportedly affected hundreds of Ukrainian users since it surfaced. While a few cybersecurity specialists have publicized indicators of compromise (IoCs) related to the ongoing campaigns, we found more connected web properties that users may need to steer clear of to avoid becoming the next victims.

Operation Dream Job: Same Tactics, New Vulnerability and Domains?

Operation Dream Job, a malicious group first seen in 2020, involves threat actors spoofing job hunting sites to lure people. It resurfaced in February 2022, this time exploiting a zero-day vulnerability in Google Chrome more than a month before the flaw was detected and a patch was made available.

What Are the DNS Artifacts Associated With APT36 or Earth Karkaddan?

APT36 or Earth Karkaddan is an advanced persistent threat (APT) actor group targeting various government entities, especially those based in India. The web properties they use for campaigns include only a few domains and IP addresses along with related malware hashes as indicators of compromise (IoCs).

A Look at Actinium/Gamaredon’s Infrastructure: More Artifacts Revealed

Actinium/Gamaredon, reported as a Russian advanced persistent threat (APT) group that has been active for almost a decade now, had started training their sights on Ukrainian organizations back in February 2022.

From Fake News Proliferation to Data Theft: Tracing the Red Cross Hack to a Misinformation Network

The International Committee of the Red Cross (ICRC) hack in January 2022 led to the compromise of sensitive information belonging to 515,000 people. While no indicators of compromise (IoCs) relevant to the attack have been publicized, a security researcher did expose a possible link to an Iranian misinformation network.

Behind the Innovative Marketing Rogue Scareware Distribution Network

Cybercriminal network Innovative Marketing made headlines in rogue scareware's heyday. In the three years it operated after its founding in Kyiv, Ukraine, in 2009, the company reportedly amassed close to US$700 million in revenue.

Meet the Speakers of the Cyber Threat Mitigation Webinar (by IPXO)

On the 14th of April, IPXO, the world's leading IP monetization and leasing platform, will be holding a webinar on Cyber Threat Mitigation. Thought leaders from CUJO AI, Deft, Voxility and IPXO will be sharing insights from their experience observing and analyzing the Internet's landscape.

Limited IP Resources Leave Smaller ISPs Vulnerable to Judgement Errors When Making Tough Cybersecurity Calls

An increasing number of cyberattacks on internet users is causing more and more internet blackouts as smaller internet providers struggle with tough choices and limited resources. Gustavas Davidavicius, Abuse Prevention Team Lead at IPXO, shares insights on the role of human error in ISP-related cybersecurity failures and other measures that can be taken to reduce the incidence and impact of cyberattacks globally.