A retrospective analysis of 2025's top ransomware groups reveals how DNS traces, historical WHOIS records, and network IoCs exposed hidden infrastructure, affiliate activity, and thousands of potential victim connections linked to major cybercriminal operations.
After months of decline, the IPv4 market is showing signs of stabilization. April pricing held steady across block sizes as resilient demand, broader transaction activity, and improving buyer confidence pointed toward a more constructive market environment through 2026.
An analysis of 191 network indicators tied to eight Iran-affiliated APT groups uncovered malicious domains, active infrastructure, thousands of victim-linked IP interactions, and coordinated DNS activity, revealing the breadth and persistence of Tehran-linked cyber operations amid escalating regional tensions.
Corporate domain strategies remain anchored in legacy extensions even as new domains proliferate, forcing firms to balance global reach, regional needs and rising fraud risks in an increasingly complex digital landscape.
WhoisXML API analysis deepens understanding of the UAT-8099 campaign, uncovering expanded DNS infrastructure, early indicators of malicious intent, and thousands of linked artifacts, underscoring the group's evolving tactics and regional focus across Asia.
The first quarter of 2026 closed with 392.5 million domain name registrations across all top-level domains (TLDs), an increase of 24.1 million domain name registrations compared to the first quarter of 2025, according to the latest issue of the Domain Name Industry Brief Quarterly Report released Thursday at DNIB.com.
Researchers tracing the ForceMemo campaign uncover a sprawling DNS footprint, linking compromised GitHub repositories to suspicious domains, shared infrastructure and fresh artifacts, suggesting a coordinated operation that continues to evolve despite partial attribution.
Domains have quietly become the primary entry point for online IP infringement, yet most firms lack visibility over portfolios, leaving brands exposed and prompting a shift toward integrated, proactive domain governance and security.
After months of declining prices, the IPv4 market shows early signs of stabilisation, with firming prices, resilient global demand, and sustained transaction volume suggesting a gradual rebalancing rather than a structural downturn.
Keenadu backdoor embedded in Android firmware exploits supply chains and OTA updates, while DNS analysis of its infrastructure reveals coordinated domains, IP links, and early warning signals pointing to premeditated, scalable cybercriminal operations globally distributed.