Domain Names

Decrypting the Inner DNS Workings of EncryptHub

Outpost24 recently discovered that rising cybercriminal entity EncryptHub inadvertently exposed elements of its malicious enterprise. The security investigation unveiled previously unknown aspects of the group's infrastructure, tools, and behavioral patterns.

Domain Name Industry Brief Reports 368.4 Million Domain Name Registrations in Q1 2025

The first quarter of 2025 closed with 368.4 million domain name registrations across all top-level domains (TLDs), an increase of 4.2 million domain name registrations compared to the previous quarter, according to the latest issue of the Domain Name Industry Brief Quarterly Report released Thursday at DNIB.com.

Tracing the DNS Footprints of REF7707

The targeted attack campaign REF7707 trailed its sights on the foreign ministry of a South American country in February 2025. According to Elastic Labs, the group behind the campaign has been connected to previous compromises in Southeast Asia.

Igniting a DNS Spark to Investigate the Inner Workings of SparkCat

SecureList recently published a study of Android and iOS apps that have been laced with a malicious software development kit (SDK) dubbed "SparkCat" that steals crypto wallet recovery phrases.

A Guide to Navigating the Chinese Market

The Chinese market is the second largest in the world with an estimated GDP of $18 trillion. Over the past few decades, it has grown to be a powerhouse of manufacturing and technology. This has been coupled with a large increase in the internet penetration that now stands at 76%, which for a country of 1.4 billion people is a significant number of people online.

Amazon Invested in New gTLDs

Amazon was a major player in ICANN's last top-level domain (TLD) expansion round, serving as a Registry Operator for over 50 TLDs based on over 70 strings for which they originally applied.

DNS Deep Diving Into 2025’s Up and Coming Ransomware Families

Ransomware attacks have been plaguing individual users and organizations worldwide for years now. And that is not surprising because they work. In fact, ransomware victims were asked to pay an average of US$2.5 million in 2024.

A DNS Investigation of SEO Manipulation via Bad Seed BadIIS

Trend Micro researchers recently uncovered a search engine optimization (SEO) manipulation campaign targeting users of Internet Information Services (IIS) with BadIIS.

Malicious Ads Targeting Advertisers in the DNS Spotlight

Microsoft and Google almost always land on the list of most-phished brands, and that is not surprising given their huge market presence. And phishers are often the most likely threat actors to bank on the brands' popularity for the success of their attacks.

Sneaking a Peek into the Inner DNS Workings of Sneaky 2FA

Sneaky 2FA, believed to be sold via the phishing-as-a-service (PhaaS) business model, recently figured in an adversary-in-the-middle (AitM) attack targeting Microsoft 365 users. Marketed as Sneaky Log by a full-featured bot on Telegram, Sneaky 2FA reportedly used fake Microsoft authentication pages with automatically filled-in email address fields to add to its sense of authenticity.