/ Industry Updates

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

For 16 months, PayMyTab, a third-party payment provider, leaked the private data of customers who dined in a U.S. restaurant when it failed to follow a simple yet essential security protocol.

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

John Paul Revesz (also known as "Armada"), the Canadian behind the Orcus RAT (a software that been used in various malware attacks), has been charged under Section 342.1 of the Criminal Code on November 8. The specific section is for the unauthorized use of a computer, and at its core, this is what Revesz's Orcus software does.

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

On November 11, news about the massive data exposure of the clients of Orvis, a 163-year-old retailer, made headlines. Some of the company's login credentials were posted online... With over 80 retail stores, 10 outlets, and hundreds of independent dealers worldwide, we believe potential attackers could get their hands on millions of customer data.

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

What was supposed to be an exciting week after the launch of Disney+, a subscription-based video-on-demand (VOD) streaming service of Walt Disney Company, turned into a nightmare for thousands of users.

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Highly publicized ransomware attacks are never short of golden nuggets of wisdom for the cybersecurity industry. They first teach us that attackers control the rules of the game once infiltration is complete. Second, large enterprises that use cloud-based technologies to store sensitive financial information continue to be at risk.

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

NordVPN admitted last month that its data center located in Finland was hacked on March 5, 2018. While the virtual private network (VPN) service provider claimed it learned of the incident as early as April 13, 2019, it only confirmed the compromise last month after reports that its expired Transport Layer Security (TLS) certificate and its private key were leaked.

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

Major healthcare providers suffer a lot from breaches, both from a legal and financial standpoint. Aside from patient lawsuits, they also face severe penalties imposed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

The most common method by which PoS malware infects hosts is through insider threats and phishing. A knowledgeable employee may install the malware on card-reading machines or retrieve higher-ups' access credentials by guessing username-and-password combinations.

Investigating Domain Abuse Complaints with Brand Monitoring Software

Cybersquatters can pose severe risks for brands, so it's good news when a company wins against them. Home Box Office, Inc. (HBO) recently won its case in a domain dispute for TrueDetective.com. The titular show has a huge cult following, which explains why someone may want to leverage a domain name around it.

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

Earlier this week, a new variant of MegaCortex ransomware was found encrypting files and changing victims' passwords on Windows-based computers. Victims who fail to pay the ransom were as usual threatened that their personal data would be released. How does the attack work?