DomainTools

Hostile Takeover: A History of Evil Corp after a Leader is named by Law Enforcement

48 — Tue, 01 Oct 2024 14:24:34 +0000

tl;dr The threat group known as Evil Corp has shown they have resilience as they continue to iterate and regroup in an effort to evade sanctions. Today, the National Crime Agency (NCA) named another member of the infamous group, Alexsandr Rhyzenkov, has been named as the leader’s right hand man. In addition to this news, […]

AI’s Role in Cybersecurity: From EDR Evolution to Generative AI Threats and Supply

48 — Wed, 18 Sep 2024 16:43:28 +0000

AI and Cybersecurity: The Next Frontier In this special edition of the Breaking Badness Cybersecurity Podcast, we explore the rapidly changing landscape of cybersecurity, where artificial intelligence (AI) and machine learning (ML) are playing a pivotal role in both defense mechanisms and cyber threats. Our panel of experts at Black Hat discuss the integration of […]

Retail Targeted Campaigns—Domain Fraud, Brand Impersonation, and Ponzi Schemes, oh my!

51 — Tue, 10 Sep 2024 15:49:23 +0000

DomainTools highlights several ways threat actors seek to take advantage of the retail cybersecurity landscape and aid in understanding how such activity can be enumerated and “clustered” to help organizations defend themselves.

The DomainTools Report, Spring 2024

48 — Wed, 17 Apr 2024 16:00:00 +0000

The Spring 2024 DomainTools Report explores 6 features of malicious activity. See how we analyze the data and a preview of findings from the full report.

Enhancing Vulnerability Management with CISA's Playbook and DomainTools Data

54 — Thu, 29 Feb 2024 16:49:26 +0000

In today’s rapidly evolving digital landscape, organizations face a constant barrage of cybersecurity threats. Vulnerabilities in software and hardware can be exploited by malicious actors, leading to data breaches, service disruptions, and financial losses. To combat these threats effectively, the Cybersecurity and Infrastructure Security Agency (CISA) has introduced a comprehensive Vulnerability Management Playbook. In this […]

Enhancing Cybersecurity Incident Response with DomainTools: A Comprehensive Guide

54 — Tue, 27 Feb 2024 16:53:54 +0000

As referenced in our Federal Government Best Practices Guide, cybersecurity incidents are a persistent threat to government agencies and their contractors. Effective incident response (IR) is paramount to mitigate these threats, minimize damage, and ensure the continuity of operations. The Cybersecurity and Infrastructure Security Agency (CISA) has outlined a structured Incident Response Playbook to guide […]

Merry Phishmas: Beware US Postal Service Phishing During the Holidays

54 — Thu, 07 Dec 2023 16:55:35 +0000

For Cybercriminals, the Season of Giving is a Season for Taking Special note: A podcast is available on this topic, you can tune in below. With the holiday season approaching, DomainTools urges the public to exercise increased caution and remain vigilant against the threat of US Postal Service-themed (USPS) package redelivery phishing attacks. DomainTools is […]

Return to Sender - A Brief Analysis of a US Postal Service Smishing Campaign

54 — Thu, 28 Sep 2023 15:44:14 +0000

In recent weeks there has been a noticeable uptick in campaigns targeting the US Postal Service (USPS) as an institution, even in the usual deluge of phishing and smishing emails and text messages. The volume of these reaching our families and co-workers within a period of weeks piqued our natural curiosity to dig into it […]

The DomainTools Report, Spring 2023

54 — Thu, 08 Jun 2023 15:44:55 +0000

It’s that time again—a new edition of the DomainTools Report! Since the first DomainTools Report in 2015, we have sought to explore our stores of domain registration, hosting, and content-related data to surface patterns and trends that might be of interest to security practitioners, researchers, and anyone else interested in the suspicious or malicious use […]

The Most Prolific Ransomware Families: 2023 Edition

54 — Mon, 23 Dec 2024 15:37:00 +0000

The ransomware landscape has changed significantly since our last post, in which we identified the most prevalent cybercrime groups of the time and examined the industries most impacted by their activity. Our previous post came on the heels of a series of high-profile ransomware events, and as such we reviewed the activity of the top […]