DomainTools
https://www.domaintools.com/authors/steve-behm
Innovative, Practical Advice to Improve your Cybersecurity Posture

Automated Discovery of Chenlun Domains - Splunk Enterprise Security
https://www.domaintools.com/resources/blog/automated-discovery-of-chenlun-domains-splunk-enterprise-security/
Thu, 30 Jan 2025 16:20:00 +0000
DomainTools Research

TL;DR This technical blog explores a next step in this investigation on Chenlun by automating Splunk searches to gather domains using DomainTools, and share them using Splunk’s trigger actions. By integrating DomainTools with Splunk, you can streamline the identification of malicious domains, stay ahead of attackers, and optimize your security resources. Using Passive DNS to […]

Uncovering Domains Created by Octo2’s Domain Generation Algorithm
https://www.domaintools.com/resources/blog/uncovering-octo2-domains/
Thu, 10 Oct 2024 10:00:00 +0000
DomainTools Research

Introduction: What is Octo2? Octo2 is a new version of one of the most prolific malware families, Octo (ExobotCompact). The banking trojan targets Android mobile devices and the newest version is likely to be seen globally in the coming year. The “Architect” of Octo released Octo2 after the original’s source code was leaked earlier this […]
