As if the attention surrounding the upcoming U.S. presidential elections is not enough, the WhoisXML API research team may have unveiled thousands of potential sources of disarray -- election-related cybersquatting domains. These domains may be a lucrative source of income for some people. Case in point?
Fortinet recently discovered a Meduza Stealer variant that has been taking advantage of the Microsoft Windows SmartScreen vulnerability CVE-2024-21412. The Meduza stealer lets remote attackers bypass the SmartScreen security warning dialog to deliver malicious files.
The WhoisXML API research team analyzed more than 7.3 million domains registered between 1 and 31 July 2024 in this post to identify five of the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.
Domain Name System Security Extensions (DNSSEC) are security protocol extensions for the Domain Name System (DNS), designed to ensure the integrity and authenticity of DNS data.
Cyber espionage is not uncommon and often occurs between rivals. And though the cyber attackers' tactics and techniques remain the same, their tools do not.
The journey towards widespread Cloud adoption has significantly impacted domain name system (DNS) management practices. Initially, businesses operated their own data centers, however the shift towards external hosting providers has introduced complexities and increased the potential for DNS record mismanagement, and therefore, subdomain vulnerability.
The Internet Corporation for Assigned Names and Numbers (ICANN) is offering a new and free service for requesting registration data in connection with generic top-level domains (gTLDs).
The Zscaler ThreatLabz 2024 Phishing Report named Microsoft, OneDrive, Okta, Adobe, SharePoint, Telegram, pCloud, Facebook, DHL, WhatsApp, ANZ Banking Group, Amazon, Ebay, Instagram, Google, Sparkasse Bank, FedEx, PayU, Rakuten, and Gucci as the 20 most phished brands.
Advanced persistent threat (APT) groups will employ any means necessary to compromise the networks of their intended targets. And for Cosmic Leopard, that means using GravityRAT, an Android-based malware, and HeavyLift, a Windows-based malware loader, in their most recent operation Cisco Talos has dubbed "Operation Celestial Force."
Our research team analyzed more than 21.5 million domains registered between 1 April and 30 June 2024, as seen in the Newly Registered Domains (NRDs) Data Feed.