DNS Security

What Remains of Black Basta Now That Alleged Gang Leader Joined the Most Wanted List?

As authorities pursue Black Basta's alleged leader, new analysis of campaign indicators reveals sprawling infrastructure, thousands of linked domains, and persistent ransomware tactics that rely on phishing, known vulnerabilities, and double-extortion pressure.

Top 10 Malware of Q4 2025: A DNS Deep Dive

An analysis of 46 DNS indicators tied to seven of Q4 2025's most prevalent malware families reveals early warning signals, coordinated campaigns and hundreds of connected artifacts, underscoring the predictive power of proactive threat intelligence.

A Look Back at the Top Ransomware Attack Targeting the Salesforce Supply Chain

A sprawling ransomware campaign targeting Salesforce's SaaS supply chain topped 2025's breach rankings, exposing millions of records. Fresh DNS analysis uncovered 8,318 linked artifacts, revealing how overlooked indicators foreshadowed widespread, multisector disruption.

QakBot Named a 2026 Top Malware Threat: An IoC Analysis

An IoC deep dive into QakBot, newly ranked among 2026's top malware threats, reveals sprawling infrastructure, recycled domains, and fresh artifacts, underscoring how phishing-led access campaigns continue to endanger email-reliant enterprises worldwide.

The Rise of AI Agent Surface Management (ASM-AI)

As AI agents gain delegated authority in enterprise systems, they introduce a new security frontier: ASM-AI. The real threat is no longer malicious code, but trusted bots making unsupervised, high-risk decisions.

Probing the DNS Depths of PHALT#BLYX

A stealthy phishing campaign known as PHALT#BLYX leveraged fake CAPTCHAs and BSOD screens to deploy DCRat, with forensic analysis uncovering widespread DNS misuse, typosquatting, and more than 21,000 email-connected domains.

Divulging the DNS Secrets of DarkSpectre

Koi Security exposes the DNS infrastructure behind DarkSpectre's latest cyber campaign. Their investigation uncovers nearly 9,000 suspect domains and IP links, revealing how a stealthy browser extension compromised 2.2 million users.

CSC’s 2026 Domain Security Report Reveals Escalating Enterprise Risks from Weak Digital Perimeters

CSC's 2026 Domain Security Report reveals persistent vulnerabilities across the Global 2000, with domain-based threats rising and unicorn firms showing mixed security maturity amid growing regulatory pressure and AI-driven cyber risks.

Analyzing Account Takeover Attacks Leveraging SquarePhish2 and Graphish

State-sponsored and criminal groups exploited OAuth weaknesses using SquarePhish2 and Graphish to hijack Microsoft 365 accounts, prompting data theft and broader infiltration campaigns. Analysts uncovered 46 confirmed indicators and hundreds of related artifacts.

DNS Spotlight: The Silver Fox in the Henhouse

Silver Fox, a Chinese state-backed hacking group, disguised its espionage campaign as Russian activity using Cyrillic-laced lures and DNS infrastructure, deploying ValleyRAT to steal intelligence and finance operations through Microsoft Teams abuse.