Domain Management

Attack Surface Reduction: Scrutiny of the Top Payment Processing Companies

Almost every transaction on the Internet is riddled with risks, and the use of online payment processing platforms is no exception. With more people opting to transact online and use digital wallets, threat actors have much to gain by targeting online payment processing platforms.

Mergers and Acquisitions: Taking Care of Digital Brands During Entity Consolidation

For those actively pursuing mergers and acquisitions, now is the time to do extensive due diligence to understand any implications around intellectual property (IP) and, more importantly, to understand what cybersecurity risks there may be.

CSC’s Research on Election-Related Domains Aligns with Recent FBI and CISA Warning

Following a public announcement from the FBI and CISA warning the public to avoid spoofed election-related internet domains, CSC announced research findings that show the overwhelming majority of registered typo domains related to the election are vulnerable.

Strengthening Brand Protection with Subdomain Lookups: A Short Study

Threat actors usually ride on a brand's popularity to make phishing campaigns believable. A common approach involves registering typosquatting domains that closely resemble those of the legitimate owners. Yet monitoring typosquatting domains may just be the tip of the iceberg in the fight against phishing.

Attack Surface Monitoring: Two Ways to Detect Phishing Subdomains

Phishing attacks' success can be partially attributed to threat actors' use of branded domain names, including both legitimate and misspelled variants. It's no wonder, therefore, that blacklisting sites like PhishTank provide users a way to search phishing URLs by target brand.

Gathering Context Around Emotet, Trickbot, and Dridex C&C Servers with Bulk IP Geolocation

Dridex, Trickbot, and Emotet are banking Trojans that have enabled cybercrime groups to steal hundreds of millions of dollars from their victims. These malware have evolved over the years, and just recently, Emotet was seen using stolen attachments to make their spam emails more credible.

Rise in Domain Name Registrations Highlights the Need for Continued Vigilance

Increased domain name registrations are only part of the picture. As the number of legitimate domain name registrations increase, so to do those registered by criminals in bad faith.

MarkMonitor Releases New gTLD Quarterly Report for Q3 2020

MarkMonitor today released its latest issue of the New gTLD Quarterly Report for the third quarter of 2020 with particular focus on the innovations made by Registry Operators, including the newest example of a domain product with significant security benefits.

Threat Intelligence Feeds in the Fight against Insurance-Themed Cyber Attacks

Threat actors are seasoned posers. They often pose as bank employees, police officers, or court officials. A coronavirus-themed campaign even had them posing as the Director-General of the World Health Organization (WHO). Insurance companies are also increasingly targeted, which can be attributed to the ongoing global health crisis.

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

In 2018, the biggest scam that banked on the Black Lives Matter movement was exposed. An Australian National Union Workers official named Ian Mackay was allegedly behind the Black Lives Matter Facebook page that garnered more than 700,000 followers and racked over US$100,000 in donations.