Cybersecurity

Emotet Botnet Reconnaissance: What’s the Latest?

Emotet traces its origin as far back as 2014, when its simplest form as a banking Trojan first made the headlines. Over the years, its creators have constantly improved the malware, a popular malware-as-a-service (MaaS) offering in cybercriminal underground fora.

Top Music Streaming Services: What’s Their Potential Domains & Subdomains Attack Surface?

Content streaming services are no stranger to cyberattacks, and the recent Spotify squatting campaign reported by IBM X-Force Exchange is proof of that. Spotify, however, is not alone on the boat, as many other streaming services have fallen prey to attacks over the years.

CSC Security Center – What It Can Do for You

CSC is currently the only provider in the market offering our unique tool giving complete oversight of your most business-critical assets - namely CSC Security Center. It gives you the ability to monitor proactively the security status of all of your vital domains, DNS, digital certificates - as well as receive email alerts of changes or potential risks as and when they happen.

More from DarkSide? We Ran an Analysis of Additional Identified Artifacts

On 14 May 2021, Analyst1 security researchers released a detailed report on the DarkSide cybercriminal gang, which is believed to be responsible for ransomware attacks targeting the Colonial Pipeline. Part of the report was several indicators of compromise (IoCs), specifically 41 malware hashes, two domains, and three IP addresses.

Internet Threats Go Viral – Companies Must React to Keep Brands Secure

The year 2020 saw a marked increase in fraudulent domain registrations, phishing attacks, hacks and hijacking attempts, as well as the sale of counterfeit goods. Companies must protect themselves from revenue and reputation losses, as well as the risks of data breaches -- and not just react to the new face of commerce.

ZeuS, Still Alive and Kicking in the Form of Jabber ZeuS?

ZeuS malware traces its origin as far back as 2006, when it was used to steal victims' online banking credentials. In 2011, its source code was leaked on a file-sharing site and quickly spread throughout various underground fora.

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

A Domain Name System (DNS) blackhole is essentially a DNS server that gives false results for domain names. Also known as a "sinkhole server," an "Internet sinkhole," or a "DNS sinkhole," threat actors sometimes use DNS blackholes to redirect users to potentially harmful sites or pages.

Why Are Seemingly Intranet Pages Exposed on the Internet?

Intranets are by definition meant for internal use only -- employee communication, content management, and the like. They are part of the Deep Web where search engines can't index sites, and unauthorized people shouldn't be able to access them.

Uncovering More Artifacts Related to the Endless Mayfly Disinformation Campaign

Many reports have released indicators of compromise (IoCs) regarding the Endless Mayfly disinformation campaign. But for those who don't know what it is, Endless Mayfly uses fake social media accounts and media websites to spread false information that has to do with U.S., Israel, and Saudi Arabia relations.

Given a Malicious Email Address, What Can You Discover with Maltego’s WhoisXML API Transforms?

On any given day, most of us get more emails that we won't read than those that we would. Many of these messages will remain unread and sent to the trash. There comes the third category of emails: Those we wished we hadn't read and acted upon because they are bound to be malicious, sent by cybercriminals trying to lure you into one of their scams.