malware

A recent phishing campaign targeting Latin America utilized emails with ZIP attachments containing an HTML file disguised as an invoice using free, temporary email addresses with the domain “temporary.link” and spoofing the User-Agent field in the header to indicate use of Roundcube Webmail, a...

A recent phishing campaign targeting Latin America utilized emails with ZIP attachments containing an HTML file disguised as an invoice using free, temporary email addresses with the domain “temporary.link” and spoofing the User-Agent field in the header to indicate use of Roundcube Webmail, a...

As part of an international law enforcement effort, federal authorities in Los Angeles this week seized an internet domain that was used to sell computer malware used by cybercriminals to take control of infected computers and steal a wide array of information. A seizure warrant approved by a...

As part of an international law enforcement effort, federal authorities in Los Angeles this week seized an internet domain that was used to sell computer malware used by cybercriminals to take control of infected computers and steal a wide array of information. A seizure warrant approved by a...

The Domain Name System (DNS) has been around for nearly 40 years, yet surprisingly few organizations understand what a critical security tool it can be. DNS can play many vital security roles on a network, from preventing infection by malware to neutering that malware even if it manages to...

The Domain Name System (DNS) has been around for nearly 40 years, yet surprisingly few organizations understand what a critical security tool it can be. DNS can play many vital security roles on a network, from preventing infection by malware to neutering that malware even if it manages to...

A shadow domain is usually a subdomain surreptitiously added on to a typically reputable domain that will portray something that might look legitimate when it is not. So, for example, if you were to go to something like "yourbank[.]com" and asked to log in to your account, you might think...

A shadow domain is usually a subdomain surreptitiously added on to a typically reputable domain that will portray something that might look legitimate when it is not. So, for example, if you were to go to something like "yourbank[.]com" and asked to log in to your account, you might think...

All of the 569 ecommerce platforms infected with skimmers were associated in one way or the other with GTM abuse. While 314 have been infected with a GTM-based skimmer, data from the remaining 255 has been exfiltrated to domains associated with GTM container abuse. As of August 2022, there were...

All of the 569 ecommerce platforms infected with skimmers were associated in one way or the other with GTM abuse. While 314 have been infected with a GTM-based skimmer, data from the remaining 255 has been exfiltrated to domains associated with GTM container abuse. As of August 2022, there were...

These are the top-level domains threat actors like the most November 12, 2021 Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites. Six out of the top 10 of these 25 top-level domains (TLD)...

These are the top-level domains threat actors like the most November 12, 2021 Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites. Six out of the top 10 of these 25 top-level domains (TLD)...

What are Indicators of Compromise (IOCs)? Indicators of compromise (IOCs) are pieces of forensic data, such as system log entries, system files or network traffic that identify potentially malicious activity on a system or network. Digital forensics security analysts and information security...

What are Indicators of Compromise (IOCs)? Indicators of compromise (IOCs) are pieces of forensic data, such as system log entries, system files or network traffic that identify potentially malicious activity on a system or network. Digital forensics security analysts and information security...

Domain registrar Namecheap, Inc. is being commended for its improved reporting and remediation strategy for malicious domains, though it is unclear what spurred the changes for the company. Security researchers took to Twitter recently, citing a significant improvement in response time by...

Domain registrar Namecheap, Inc. is being commended for its improved reporting and remediation strategy for malicious domains, though it is unclear what spurred the changes for the company. Security researchers took to Twitter recently, citing a significant improvement in response time by...

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace...

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace...

Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific botnets, called Necurs, which has infected more than nine million computers globally. This disruption is the result of eight years of tracking and planning and will...

Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific botnets, called Necurs, which has infected more than nine million computers globally. This disruption is the result of eight years of tracking and planning and will...