Cybersecurity

Black Friday and Cyber Monday Bring on the Scariest Sales

Black Friday and Cyber Monday are two of the most-awaited shopping events each year. That said, they have also become favored scammer targets for the most ingenious campaigns designed to part shoppers with their cash or, worse, identities.

Dormant Colors IoC Expansion: Don’t Install Browser Extensions from These Domains

Internet users are being tricked into installing browser extensions that can hijack their web searches. The end goal could be to insert affiliate links, but who knows what other malicious activities the threat actors behind them are capable of?

Rogue Tor Browser: When Search for Anonymity Leads to Exposure Instead

Anyone who wishes to browse the Internet without the prospect of being spied upon by others, whether for legal or illegal purposes, can always rely on using the Tor browser if they're so inclined.

Domain Shadowing IoC Expansion Led to Thousands of Possible Connections

Palo Alto Networks threat analysts discovered more than 12,000 cases of domain shadowing after scanning the Web from April to June 2022. For this threat, all cybercriminals need to do is create malicious subdomains under legitimate domains...

A Call for Help May Lead to Malware: BazarCall IoC Analysis and Expansion

More sophisticated BazarCall campaigns have been circulating and delivering ransomware entry points to victims. While the bait still involves urgent notification emails about nonexistent purchases or subscriptions, the subsequent phase highlights the threat actors' manipulative skills.

Eternity’s LilithBot, Soon Available to Regular Internet Users?

Eternity, also known as the "EternityTeam" or "Eternity Project," has been active since January 2022 and tied to the Jester Group. It gained infamy for using the as-a-service subscription model to distribute its own brand of malware modules via underground forums.

A Closer Look at Active Cyber Jihad Web Properties

Cyber jihad loosely refers to Islamic extremist terrorists' use of the Internet as a communications, fundraising, recruitment, training, and planning tool in their war against their enemies. Some of their most commonly cited enemies include the U.S., Western European countries, secular Arab governments, and Israel.

Alleviating BlackEnergy-Enabled DDoS Attacks

BlackEnergy first appeared in 2007. Designed to launch distributed denial-of-service (DDoS) attacks or download customized spam or banking data-stealer plug-ins, it was again used to target the State Bar of Georgia last May

Insights Into an Active Spam Domain Portfolio

Malicious spam, possibly the oldest kind of cyber threat, likely remains one of enterprises' biggest security concerns. Regardless of form and affected device, clicking a malicious link embedded in a spam email or downloading a malware-laden attachment can lead to financial, data, or identity theft.

Where Domain Security Meets the Supply Chain Crunch

New research from CSC indicates that fraudsters took advantage of the 2022 supply chain shortages to target consumers with fake websites.