Threat Intelligence

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

For 16 months, PayMyTab, a third-party payment provider, leaked the private data of customers who dined in a U.S. restaurant when it failed to follow a simple yet essential security protocol. more

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

On November 11, news about the massive data exposure of the clients of Orvis, a 163-year-old retailer, made headlines. Some of the company's login credentials were posted online... With over 80 retail stores, 10 outlets, and hundreds of independent dealers worldwide, we believe potential attackers could get their hands on millions of customer data. more

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

What was supposed to be an exciting week after the launch of Disney+, a subscription-based video-on-demand (VOD) streaming service of Walt Disney Company, turned into a nightmare for thousands of users. more

Investigating Domain Abuse Complaints with Brand Monitoring Software

Cybersquatters can pose severe risks for brands, so it's good news when a company wins against them. Home Box Office, Inc. (HBO) recently won its case in a domain dispute for TrueDetective.com. The titular show has a huge cult following, which explains why someone may want to leverage a domain name around it. more

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

Earlier this week, a new variant of MegaCortex ransomware was found encrypting files and changing victims' passwords on Windows-based computers. Victims who fail to pay the ransom were as usual threatened that their personal data would be released. How does the attack work? more

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

On 16 October, Web.com – the world's oldest domain name provider and owner of Network Solutions, NameSecure, and Register.com – disclosed a major breach resulting in the leakage of its customers' personally identifiable information (PII). more

Do Security Service Providers Need Their Own Data Scientists?

In a world where society is driven by information, data science has gained solid ground over the past years for its ability to separate the wheat from the chaff. Its predictive power is now being explored in the context of cybersecurity. After all, efficient threat protection requires gathering and interpreting the enormous amounts of traffic generated to and from one's network. more

Can Security Analytics Combat Digital Fraud with IP and Domain Name Monitoring?

For several years, digital security relied on a simple strategy – gain insight from past events, learn from them, and base security protection accordingly. more

What to Look for in Digital Forensics and Incident Response Experts

While it's true that the lines between cybersecurity roles have become blurred, some have more significant barriers to entry. The field of digital forensics and incident response (DFIR), in particular, is an altogether different beast. more

Carpet-Bombing Attacks: A Rising Threat to ISPs

News of a South African ISP's two-day outage sent the industry abuzz last month, highlighting the need for improved distributed denial-of-service (DDoS) attack mitigation. more