Whois


Exposing Rogue Free VPN Users – An OSINT Analysis

According to recent research conducted by DNS Threat Researcher Dancho Danchev, the National Security Agency (NSA) seemingly runs a free VPN domain portfolio to lure malicious users and learn more about their Internet activities.

Continuing Danger for Internet Users – Unavailable Whois Data and DNS Abuse

As we approach our third year of living with ICANN's Temporary Specification, civil and criminal investigators still can't find suspected perpetrators' contact data, nor can they depend upon enlisting the help of registries and registrars to abate abuse consistently and quickly. The result? Unsuspecting internet users remain at risk, and there is no end to this dilemma in sight.

MarkMonitor Releases New gTLD Quarterly Report for Q2 2021

We’re happy to deliver this insight collection on Q2 2021, including a deep dive into the electric vehicle (EV) market and its crossover into the new gTLD and .brand space, building upon analysis from our recent 'The Road Ahead: Sustainable Vehicles Today and in the Future' reports.

Upcoming Hollywood Movie Releases and Domain Registration Trends, Is There a Connection?

It’s not uncommon to see news stories that blame piracy or prerelease leakages for poor movie revenue turnouts. We’ve seen that happen over time with movies like “X-Men: Origins Wolverine,” “Star Wars: Episode III: Revenge of the Sith,” and “Expendables 3.”

An Analysis of the Gaming Industry’s Domain Attack Surface

The videogame industry outperformed the movie and North American sports industries in 2020, and market experts expect the trend to continue in 2021. Reports of increasing cyber attacks targeting the industry are therefore not surprising, as threat actors tend to go after lucrative targets.

Phorpiex Botnet Extortion: DNS Facts and Findings

The Phorpiex botnet has been operating for years now. It first focused on distributing old-school worms that spread via infected USB drives or through chats that relied on the Internet Relay Chat (IRC) protocol.

Beyond Hafnium Attacks: An Expansion of IoCs Related to 3 APT Clusters

The Hafnium attacks targeting Microsoft Exchange Server vulnerabilities prompted several cybersecurity investigators and researchers to hunt for other threat actors that use similar attack methods. Among them is the Cybereason News Network.

Credential-Hinting Domain Names: A Phishing Lure?

As an attack vector, phishing has had several underlying purposes – e.g., delivering malware, stealing sensitive information, and defrauding victims. However, it looks like most phishing emails could be used to obtain user credentials according to the 2021 Annual State of Phishing Report by Cofense.

What Are the Internet Domains Connected to the Conficker Botnet?

Conficker gained prominence back in 2008, when it was considered possibly the most widespread worm, affecting millions of Windows computers worldwide. For several years, the worm, also known as "Downup," "Downadup," "Downad," or "Kido," was the top malware infector.

Investigation of an Iranian Misinformation Network: Are Some IRGC Domains Still Up?

June 2021 saw the U.S. Department of Justice (DOJ) shutting down and seizing several websites believed to be involved in misinformation campaigns. These websites published news-related content and seemingly had connections to Iranian governmental entities. In fact, some of them were found to be the property of the Iranian Islamic Radio and Television Union (IRTVU).