Cybersecurity

Phorpiex Botnet Extortion: DNS Facts and Findings

The Phorpiex botnet has been operating for years now. It first focused on distributing old-school worms that spread via infected USB drives or through chats that relied on the Internet Relay Chat (IRC) protocol.

Beyond Hafnium Attacks: An Expansion of IoCs Related to 3 APT Clusters

The Hafnium attacks targeting Microsoft Exchange Server vulnerabilities triggered several cybersecurity investigators and researchers to hunt for other threat actors that use similar attack methods. Among them is the Cybereason News Network.

Credential-Hinting Domain Names: A Phishing Lure?

As an attack vector, phishing has had several underlying purposes – e.g., delivering malware, stealing sensitive information, and defrauding victims. However, it looks like most phishing emails could be used to obtain user credentials according to the 2021 Annual State of Phishing Report by Cofense.

What Are the Internet Domains Connected to the Conficker Botnet?

Conficker gained prominence back in 2008, when it was then considered possibly the most widespread worm affecting millions of Windows computers worldwide. For several years, the worm, also known as "Downup," "Downadup," "Downad," or "Kido," was the top malware infector.

Investigation of an Iranian Misinformation Network: Are Some IRGC Domains Still Up?

June 2021 saw the U.S. Department of Justice (DOJ) shutting down and seizing several websites believed to be involved in misinformation campaigns. These websites published news-related content and seemingly had connections to Irani governmental entities. In fact, some of them were found to be the property of the Iranian Islamic Radio and Television Union (IRTVU).

WhoisXML API Launches White-Label Brand Monitor to Make Brand Protection More Accessible

WhoisXML API recently launched a while-label variant of its Brand Monitor solution so more organizations can offer domain brand protection and marketing services using their own label.

What’s the Domain Attack Surface of the Top 10 Most Impersonated Brands in Q2 2021?

Domain attack surface discovery is an incessant quest for domain and subdomain names that could be used as attack vectors. The larger its attack surface, the more vulnerable an organization tends to be. On the other hand, the more attack vectors discovered, the higher the chances of mitigating cyber attacks.

On Your Marks ... Olympic-Related Domain Trends

With the Olympics underway in Tokyo, CSC has taken the opportunity to analyze domain name registrations that include Olympic-related terms. The following three data sets show that cybersquatters are using the domain name channel to perpetrate fraudulent activity against worldwide brands.

Could the LGBTQ Community Be a Target of Internet Threat Actors?

Pride month is celebrated worldwide. While it's meant to be a time of celebration for members of the LGBTQ community and their families and supporters, its popularity has also made it a possible target of cyber threats. In this post, we look at potentially dangerous Internet properties that have been registered both recently and over the years.

Uncovering Office 365-Related Artifacts with IP and Domain Intelligence

While Office 365 is one of the most prevalent office suites out in the market today, its users can't rest easy. Cybercriminals and threat actors will always find ways to abuse the most popular brands in various ways.