Cybersecurity

Not All VPN Users Are Worth Trusting, a Lesson for Cloud Service Providers

Virtual private networks (VPNs) are widespread; about a third of the Internet population uses them worldwide. Their primary reason? VPN usage touts more secure browsing.

Gathering Context Around Emotet, Trickbot, and Dridex C&C Servers with Bulk IP Geolocation

Dridex, Trickbot, and Emotet are banking Trojans that have enabled cybercrime groups to steal hundreds of millions of dollars from their victims. These malware have evolved over the years, and just recently, Emotet was seen using stolen attachments to make their spam emails more credible.

Rise in Domain Name Registrations Highlights the Need for Continued Vigilance

Increased domain name registrations are only part of the picture. As the number of legitimate domain name registrations increase, so to do those registered by criminals in bad faith.

Augmenting Digital Risk Protection with Threat Intelligence Sources

The world continues to produce and consume digital content at an increasingly fast pace across channels - making risk exposure continuously greater in the process. To tackle this problem, digital risk protection allows organizations to address digital risk factors and monitor and reduce their attack surface.

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

Threat actors are seasoned posers. They often pose as bank employees, police officers, or court officials. A coronavirus-themed campaign even had them posing as the Director-General of the World Health Organization (WHO). Insurance companies are also increasingly targeted, which can be attributed to the ongoing global health crisis.

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

In 2018, the biggest scam that banked on the Black Lives Matter movement was exposed. An Australian National Union Workers official named Ian Mackay was allegedly behind the Black Lives Matter Facebook page that garnered more than 700,000 followers and racked over US$100,000 in donations.

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

David Conrad, CTO of The Internet Corporation for Assigned Names and Numbers (ICANN), recently presented a keynote during a webinar we collaborated on with other internet organizations. This post summarises his explanation of the domain name system (DNS) ecosystem, its vulnerabilities, and threat mitigations.

100K+ List of Disposable Email Domains Under Security Analysis

Disposable email addresses are quite widespread and for different reasons. Some people believe that using throwaway or temporary email addresses helps them protect their privacy. Others, however, use these in more questionable endeavors - hence the relevance of monitoring disposable email domains.

Detecting Possible Domain Generation Algorithm-Related Threats Using Typosquatting Data Feed

Domain generation algorithm (DGA) is used to generate several domain names commonly used for command-and-control (C&C) servers in malware attacks. The logic behind a domain name generation algorithm is quite simple. Instead of hard-coding the domain or IP address into the malware, the malware finds its C&C under a domain with a seemingly random name.

Subdomain Lookup as Part of Cybersecurity Best Practices

Threat actors are always on the lookout for potential ways into target networks. And although the cybersecurity world has a lot on its radar already, subdomains are entry points that are not always easy to identify and may end up overlooked.