Cybersecurity |
Sponsored by |
|
ZeuS malware traces its origin as far back as 2006, when it was used to steal victims' online banking credentials. In 2011, its source code was leaked on a file-sharing site and quickly spread throughout various underground fora. more
A Domain Name System (DNS) blackhole is essentially a DNS server that gives false results for domain names. Also known as a "sinkhole server," an "Internet sinkhole," or a "DNS sinkhole," threat actors sometimes use DNS blackholes to redirect users to potentially harmful sites or pages. more
Intranets are by definition meant for internal use only -- employee communication, content management, and the like. They are part of the Deep Web where search engines can't index sites, and unauthorized people shouldn't be able to access them. more
Many reports have released indicators of compromise (IoCs) regarding the Endless Mayfly disinformation campaign. But for those who don't know what it is, Endless Mayfly uses fake social media accounts and media websites to spread false information that has to do with U.S., Israel, and Saudi Arabia relations. more
On any given day, most of us get more emails that we won't read than those that we would. Many of these messages will remain unread and sent to the trash. There comes the third category of emails: Those we wished we hadn't read and acted upon because they are bound to be malicious, sent by cybercriminals trying to lure you into one of their scams. more
Cryptocurrencies keep making waves in the online community, making them prime vehicles of threat actors in scam, phishing, and other malicious campaigns. Fraudsters, for one, have stolen millions of dollars worth of cryptocurrencies from investors through websites that promise rewards, giveaways, and earning opportunities. more
A threat actor reportedly infiltrated the network of and stole data from a financial institution about a month ago by exploiting any of four Microsoft Exchange Server vulnerabilities -- CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, or CVE-2021-27065. While patches for all these have been released, users who have not downloaded and installed these could remain at risk. more
Threats can come from anywhere, even from legitimate hosting infrastructure. In fact, many cybercriminals often host their command-and-control (C&C) servers in known hosting providers' networks, sometimes those that offer bulletproof hosting services, to evade detection and consequent blocking. more
Magecart-style attacks have been around for a while and continue to be mentioned in the news in 2021. We found and collected a list of 20 domain names that have been mentioned in the past months on VirusTotal as Magecart indicators of compromise (IoCs). more
Addressing Domain Name System (DNS) abuse has been a priority of the Internet Corporation for Assigned Names and Numbers (ICANN), notably since March 2020. During its 70th conference, the organization's members talked about creating a web page defining DNS abuse-related terms, which should be updated over time, to help users report cases. more
A World-Renowned Source for Internet Developments. Serving Since 2002.