Domain Names

Is Aurora as Stealthy as Its Operators Believe?

Stealth is a typical goal for most threat actors when launching malware and other attacks. The better hidden a malware is, the more effective an attack becomes. And that is what fast-rising data stealer Aurora is gaining notoriety for.

Exposing the New Potential Ways Royal Ransomware Gets Delivered

DEV -- 0569, a threat actor Microsoft has been monitoring, was recently observed deploying Royal ransomware via pages posing as legitimate software download sites and repositories, among other stealthy tactics. He has so far used fake download sites for Adobe Flash Player, AnyDesk, Zoom, and TeamViewer in phishing emails and domains.

Why Domain Seizure May Not Stop Money Mule Recruitment Campaigns

In the realm of cybersecurity, seizing domains unfortunately doesn't always mean the end for the threats they pose. Such could be the case for the 18 domains U.S. law enforcement agents recently took offline for their ties to a money mule recruitment operation reported by Bleeping Computer.

From Counties to Banks: Tracing the Footprint of Ransomware Attack IoCs

SecurityScorecard published a report on a cyber attack that a U.S. county victim announced on 11 September 2022. With ransomware attacks against local government units increasing in the past few years, WhoisXML API researchers decided to build on the list of IP addresses related to the attacks.

Verisign Domain Name Industry Brief: 349.9 Million Domain Name Registrations in Q3 2022

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022. Domain name registrations have increased by 11.5 million, or 3.4%, year over year.

Watch Out, That Browser Extension Could Be Cloud9 in Disguise

Zimperium zLabs threat researchers recently reported the case of the Cloud9 Chrome Botnet, and rightly so. Many of us seem to forget just how much information cybercriminals can steal from our browsers.

Is There More to the New Transparent Tribe TTPs?

The Pakistan-India rivalry has been going on for some time now, not just in sports events but also online in the form of cyber attacks. Zscaler ThreatLabz has been monitoring a result of this ongoing friction -- Transparent Tribe, also known as "APT -- 36" -- since the start of this year.

Nothing Funny or Romantic about These RomCom IoCs and Artifacts

The threat actor dubbed "RomCom," known for deploying spoofed versions of popular software, has been quite busy these past few months. In the past, he was seen imitating Advanced IP Scanner and PDF Filler. More recently, though, he's been targeting Ukraine, the U.K., and other English-speaking countries by spoofing SolarWinds, KeePass, PDF Reader Pro, and Veeam.

Robin Banks May Be Robbing You Blind

You may be wondering who Robin Banks is, but you should instead ask what Robin Banks is. Robin Banks is a phishing-as-a-service (PhaaS) platform that first surfaced in March this year. The name is a play on the phrase "robbing banks," coined by IronNet researchers who introduced the malicious platform to the world.

Investment-Related Cybersquatting: Another Way to Lose Money?

This year, the stock market is at its most volatile state due to several factors. Debates abound about whether 2022 will be as bad as 2008, but we'll leave that up to the experts.