Cybersecurity

Rise in Domain Name Registrations Highlights the Need for Continued Vigilance

Increased domain name registrations are only part of the picture. As the number of legitimate domain name registrations increase, so to do those registered by criminals in bad faith.

Augmenting Digital Risk Protection with Threat Intelligence Sources

The world continues to produce and consume digital content at an increasingly fast pace across channels - making risk exposure continuously greater in the process. To tackle this problem, digital risk protection allows organizations to address digital risk factors and monitor and reduce their attack surface.

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

Threat actors are seasoned posers. They often pose as bank employees, police officers, or court officials. A coronavirus-themed campaign even had them posing as the Director-General of the World Health Organization (WHO). Insurance companies are also increasingly targeted, which can be attributed to the ongoing global health crisis.

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

In 2018, the biggest scam that banked on the Black Lives Matter movement was exposed. An Australian National Union Workers official named Ian Mackay was allegedly behind the Black Lives Matter Facebook page that garnered more than 700,000 followers and racked over US$100,000 in donations.

The DNS Ecosystem, Its Vulnerabilities, and Threat Mitigations

David Conrad, CTO of The Internet Corporation for Assigned Names and Numbers (ICANN), recently presented a keynote during a webinar we collaborated on with other internet organizations. This post summarises his explanation of the domain name system (DNS) ecosystem, its vulnerabilities, and threat mitigations.

100K+ List of Disposable Email Domains Under Security Analysis

Disposable email addresses are quite widespread and for different reasons. Some people believe that using throwaway or temporary email addresses helps them protect their privacy. Others, however, use these in more questionable endeavors - hence the relevance of monitoring disposable email domains.

Detecting Possible Domain Generation Algorithm-Related Threats Using Typosquatting Data Feed

Domain generation algorithm (DGA) is used to generate several domain names commonly used for command-and-control (C&C) servers in malware attacks. The logic behind a domain name generation algorithm is quite simple. Instead of hard-coding the domain or IP address into the malware, the malware finds its C&C under a domain with a seemingly random name.

Subdomain Lookup as Part of Cybersecurity Best Practices

Threat actors are always on the lookout for potential ways into target networks. And although the cybersecurity world has a lot on its radar already, subdomains are entry points that are not always easy to identify and may end up overlooked.

Using WHOIS History and Other Intelligence Sources for Establishing Potential Attack Surfaces

Cyber attacks can come from practically any angle, and more often than not, it's hard to see them coming without knowing all there is to know about a domain's WHOIS history and connected domain entities. Several aspects come into play in this scenario, one of which is old and forgotten pages on a website.

Afilias Joins Global Encryption Coalition to Promote Internet Security

Afilias, the world's second largest domain name registry, today announced that it has joined the Global Encryption Coalition (globalencryption.org). The Global Encryption Coalition promotes and defends the use of strong encryption for everyone. By joining the coalition, Afilias has joined forces with over 50 civil society organizations, industry associations, and companies to defend encryption that helps protect everyone on the internet.