Cyber espionage is a type of cyber attack that aims to steal sensitive and often classified information to gain an advantage over a company or government. The 2020 Data Breach Investigations Report (DBIR) revealed that several hundreds of incidents across industries in the previous year were motivated by espionage.
Targeted attacks are known as some of the most destructive cyber attacks in that they zoom in on organizations that either provide critical services or have massive user bases.
Not all of the domains that contain a company's brand are under its control. A portion of them - sometimes even the vast majority -- is typically registered by unidentifiable third parties with masked WHOIS records. Arguably, WHOIS redaction might also be preferred by the companies themselves for privacy purposes. But to which extent is this the case?
The Tor Project has been synonymous with the Deep Web, as it is a primary method by which users can access hidden portions of the Internet. Besides traffic encryption, an additional feature that gives Tor users anonymity is that their network traffic passes through several nodes, making the real source unidentifiable.
Elections and other events related to the government typically drive a great amount of Internet activity. Considering the domain name space, we found 4,197 subdomains related to the U.S. elections and the government in general.
The attack surface of every Internet user gets wider every day, but it doesn't mean there's nothing that can be done about it. For one, analyzing possible attack vectors, such as suspicious or malicious domain names and IP addresses, can help with attack surface management.
Cybercrime is first and foremost financially motivated. Cybercriminals look for lucrative targets, including social media networks with hundreds of millions of monthly active users. We put this perspective to the test by analyzing the domain attack surface of three of today's largest social media platforms.
Just as no man is an island, no company can perform core functions without other organizations' help. This fact is highlighted in today's age of outsourcing, partnership, and third-party connections. Unfortunately, threat actors have also found a massive opportunity in these relationships.
Almost every transaction on the Internet is riddled with risks, and the use of online payment processing platforms is no exception. With more people opting to transact online and use digital wallets, threat actors have much to gain by targeting online payment processing platforms.
Every organization faces two kinds of cyber threats daily - "known" and "unknown" ones. Known threats are those that security experts have discovered, often published in blogs and major news outfits with accompanying indicators of compromise (IoCs). Unknown threats, meanwhile, are those that remain hidden to victims and researchers. IoCs for these have yet to be identified and disclosed.