Cybersecurity

Checking Out the DNS for More Signs of ResumeLooters

Group-IB uncovered ResumeLooters, a threat actor group specializing in victimizing job hunters to steal their personally identifiable information (PII).

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

In the past two decades, at least 41 advanced persistent threat (APT) groups have launched attacks on entities and organizations based in North America.

Searching for Potential Propaganda Vehicle Presence in the DNS

The Citizen Lab recently uncovered an ongoing online propaganda campaign they have dubbed "PAPERWALL" that has been targeting local news outlets across 30 countries in Europe, Asia, and Latin America.

Following the VexTrio DNS Trail

VexTrio, a traffic distribution system (TDS) provider believed to be an affiliate of ClearFake and SocGholish, among other threat actors, has been active since 2017.

DarkGate RAT Comes into the DNS Spotlight

In the past, DarkGate attacks were either lumped together with or classified as BattleRoyal remote access Trojan (RAT) attacks. Recent evidence, however, showed the two malware are not one and the same.

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

Among the latest to suffer from zero-day exploitation is Ivanti, a software company providing endpoint management and remote access solutions to various organizations, including U.S. federal agencies.

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019. However, WhoisXML API threat researcher Dancho Danchev posits that parts of its backend infrastructure may remain traceable.

DNS Deep Diving into Pig Butchering Scams

New kids on the cybercrime block, pig butchering scams, have been making waves lately, and it is not surprising why. Scammers have been earning tons from them by being able to trick users into investing in seemingly legitimate business ventures but losing their hard-earned cash instead.

The New RisePro Version in the DNS Spotlight

RisePro, a malware-as-a-service data stealer, has been plaguing users since 2022. ANY.RUN recently discovered and analyzed its latest version in great depth and identified 10 indicators of compromise (IoCs) -- three domains and seven IP addresses.

CSC Partners with NetDiligence to Help Mitigate Cyber Risks and Support the Cyber Insurance Ecosystem

CSC, an enterprise-class domain registrar and world leader in mitigating domain security, domain name system (DNS), and digital brand threats, today announces its partnership with NetDiligence®, a leader in cyber risk readiness and response solutions for the cyber insurance industry.