Whois

Whois / Industry Updates

Revisiting APT1 IoCs with DNS and Subdomain Intelligence

Cyber espionage is a type of cyber attack that aims to steal sensitive and often classified information to gain an advantage over a company or government. The 2020 Data Breach Investigations Report (DBIR) revealed that several hundreds of incidents across industries in the previous year were motivated by espionage.

Dark Caracal: Undisclosed Targeted Attack IoCs Can Pose Risks

Targeted attacks are known as some of the most destructive cyber attacks in that they zoom in on organizations that either provide critical services or have massive user bases.

How Much of a Fortune 500 Company’s Digital Footprint Can Be Publicly Attributed to It?

Not all of the domains that contain a company's brand are under its control. A portion of them - sometimes even the vast majority -- is typically registered by unidentifiable third parties with masked WHOIS records. Arguably, WHOIS redaction might also be preferred by the companies themselves for privacy purposes. But to which extent is this the case?

A Look Into Tor Nodes’ Locations and ISPs with IP Intelligence

The Tor Project has been synonymous with the Deep Web, as it is a primary method by which users can access hidden portions of the Internet. Besides traffic encryption, an additional feature that gives Tor users anonymity is that their network traffic passes through several nodes, making the real source unidentifiable.

Thousands of Government-Related Subdomains Revealed in Subdomains Search

Elections and other events related to the government typically drive a great amount of Internet activity. Considering the domain name space, we found 4,197 subdomains related to the U.S. elections and the government in general.

Attack Surface Analysis: Most Blacklisted IP Addresses Scrutinized

The attack surface of every Internet user gets wider every day, but it doesn't mean there's nothing that can be done about it. For one, analyzing possible attack vectors, such as suspicious or malicious domain names and IP addresses, can help with attack surface management.

Attack Surface Analysis of 3 Social Media Giants

Cybercrime is first and foremost financially motivated. Cybercriminals look for lucrative targets, including social media networks with hundreds of millions of monthly active users. We put this perspective to the test by analyzing the domain attack surface of three of today's largest social media platforms.

Third-Party Vendor Risk Management: A Look into Top Couriers’ Digital Footprint

Just as no man is an island, no company can perform core functions without other organizations' help. This fact is highlighted in today's age of outsourcing, partnership, and third-party connections. Unfortunately, threat actors have also found a massive opportunity in these relationships.

Attack Surface Reduction: Scrutiny of the Top Payment Processing Companies

Almost every transaction on the Internet is riddled with risks, and the use of online payment processing platforms is no exception. With more people opting to transact online and use digital wallets, threat actors have much to gain by targeting online payment processing platforms.

Enriching IP Blacklists Using a Reverse IP/DNS Database

Every organization faces two kinds of cyber threats daily - "known" and "unknown" ones. Known threats are those that security experts have discovered, often published in blogs and major news outfits with accompanying indicators of compromise (IoCs). Unknown threats, meanwhile, are those that remain hidden to victims and researchers. IoCs for these have yet to be identified and disclosed.