Articles from September 1-8 Xero-Spoofing Phishing Campaign Spreads Dridex Globally Infosecurity Magazine | Tara Seals | September 8, 2017 A sophisticated phishing campaign is making the rounds, targeting victims by...

Despite more than a decade of research dedicated to combating phishing scams, the fraudulent practice of sending emails purporting to be from reputable companies or sending people to fake websites,...

Articles from August 26 – September 1 Software Glitch or Russian Hackers? Election Problems Draw Little Scrutiny The New York Times | Nicole Perlroth, Michael Wines and Matthew Rosenburg |...

It is no secret that for businesses hoping to do well in the digital space, a good domain name is crucial to their success. Domain names are defined as ‘a...

Articles from August 18-25 No coding skills required: This Android app allows wannabe cyber criminals to build custom ransomware ZDNet | Danny Palmer | August 25, 2017 A ransomware development...

In July, we introduced a suite of collaboration features in Iris that allow investigators to share their work and add commentary to their investigations, to give other Iris users more...

Articles from August 11-18 Trump approves plan to create independent cyber command ABC News | Lolita C. Baldor | August 18, 2017 President Donald Trump has approved a long-delayed Pentagon...

Articles from August 5-11 Russia's ‘Fancy Bear' Hackers Used Leaked NSA Tool to Target Hotel Guests WIRED | Andy Greenberg | August 11, 2017 Appropriately paranoid travelers have always been...

Welcome to the latest edition of DomainTools’ Employee Spotlight! Last quarter I interviewed the one and only Michael Klatt, aka the hack days champion. This quarter I’ll be highlighting a...

Articles from July 29 – August 4 Feds Arrest Man Credited With Helping To Stop Ransomware Attack NPR | Leila Fadel | August 3, 2017 Marcus Hutchins' Twitter account suddenly...

Black Hat and Defcon 2017 are over. The annual hacker summer camp has come to a close and is one for the books. With a bit of scheduling jiu-jitsu, I...

Articles from July 21-28 At Black Hat Conference, good guy hackers have a bleak view of US cybersecurity CNBC | Aditi Roy | July 27, 2017 In a dark conference...

“Every path you take, every domain registration you make, we’ll be watching you.” Summary (TL;DR) We created Threat Profiles, a set of supervised machine learning classifiers, to find domains which...

While some infosec analysts or investigators work on their own, many work as part of a team. This collaboration could be on specific investigations or as part of a larger...

Articles from July 7-14 A robot and cyber nightmare Axios | Steve LeVine | July 13, 2017 From robotics to cyber-war, developing countries are being lashed by the powerful new...

Every year, around mid-July I get excited. It could be the warm weather, but more than likely it’s due to Black Hat. Ever since I started my career in information...

Articles from July 1-7 Ukraine calls out Russian involvement in Petya ZDNet | Chris Duckett | July 3, 2017 Ukraine has said Russian security services were involved in the recent...

In the cybersecurity world, it comes as no surprise that connecting to unknown WiFi network can pose a threat to your device's security. Yes, it is possible for threat actors...

Articles from June 24-30 Don't panic, but Linux's Systemd can be pwned via an evil DNS query The Register | Shaun Nichols | June 29, 2017 Systemd, the Linux world's...

As we approach the halfway point for the year of 2017, its a nice time to pause and reflect over the past quarter. We were honored to announce our When...

Articles from June 17-23 WannaCry helps speeding drivers dodge fines in Australia BBC | Staff | June 23, 2017 Hackers behind the infamous WannaCry virus have inadvertently helped speeding Australian...

I'm the kind of person who wears shorts and t-shirts down to about 50 degrees…. and I wilt at about 75. So a week in June in Puerto Rico for...

Articles from June 10-16 U.K. Says North Korea Behind WannaCry Cybertattack The Wall Street Journal | Stu Woo | June 16, 2017 British intelligence officials believe that a group linked...

Articles from June 3-9 A new kind of Twitter hack is spreading fake news in Venezuela The Verge | Russell Brandom | June 9, 2017 Activists from Venezuela to Bahrain...

In this article we will dive into the attack vector known as domain shadowing, and how it can land an innocent blog on a blacklist of known bad domains. A...

Articles from May 27 – June 2 NY DMV warns drivers about traffic ticket phishing scam SC Magazine | Doug Olenick | June 2, 2017 New York drivers are being...

Welcome back to the quarterly DomainTools Employee Spotlight segment! Earlier this year, we introduced you to Karen Kuhar, HR Generalists extraordinaire, literature aficionado, and education advocate. This quarter, I was...

Articles from May 19-26 Why do hackers always wear hoodies? Behind the stereotype CNN Money | Selena Larson | May 26, 2017 There are many types of hacking — from...

DomainTools employees are fortunate enough to participate in what we call “Hack Days” once a quarter. We’ve written about our hack days in the past, but today, I wanted to...

Articles from May 12-19 Hackers Are Trying to Reignite WannaCry With Nonstop Botnet Attacks WIRED | Andy Greenberg | May 19, 2017 Over the past year, two digital disasters have...

On May 9th, Docusign disclosed that they were tracking a malicious email campaign targeting DocuSign users. To their credit, DocuSign continues to provide detailed and timely updates in their Trust...

It’s been a busy week in infosec, with WannaCry 1.0 (kill-switch-enabled) and 2.0 (kill-switch-free) making the rounds and, at least as of May 16, having raked in over $75k in...

In the DomainTools Reports, we explore various “hotspots” of malicious or abusive activity across the Internet. Starting with our first report in the spring of 2015, we have analyzed such varied...

An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak Forbes | Thomas Fox-Brewster | May 12, 2017 It's been a matter of weeks since a shady hacker...

Threat Intelligence is a hard field to break into. It requires a deep understanding of a number of different areas like information security, network security, application security, and web security....

Articles from April 28-May 5 Google phishing attack was foretold by researchers—and it may have used their code Ars Technica | Sean Gallagher | May 5, 2017 The "Google Docs"...

DomainTools! GeekWire Bootstrapper of the Year Last night was the annual GeekWire Awards, the Seattle tech industry’s version of the Oscars. We were fortunate enough to take home the Bootstrapper...

Sometimes while doing an investigation in Iris, it seems as if I’m fighting a multi-headed beast. In a recent example, I was curious to know if the good guys really killed...

Phishing activity is at an all-time high, causing significant financial and brand damage. In fact, (just in case you don’t have the numbers handy!) fake website and phishing scams cost...

Articles from April 22-28 ‘10 Concerts’ Facebook Meme May Reveal More Than Musical Tastes The New York Times | Christopher Mele and Daniel Victor | April 28, 2017 It’s all...

Articles from April 15-21 This Apple Phishing Site Is As Sneaky As They Come Forbes | Lee Mathews | April 21, 2017 Both Google and Mozilla recently introduced protections against...

At a conference where I spoke on a cybersecurity panel, a university student approached me afterward with some great questions. Several were relatively tactical inquiries about resources for learning various...

Brands both large and small face increasing threats and risks as intellectual property becomes more vulnerable online. According to a report issued by Interbrand, a global brand consultancy, the value of Apple, Coca-Cola and Louis Vuitton brands alone recently exceeded US$200bn. These and other well-known Fortune 500 companies invest great sums in ...

‘Amnesia' IoT botnet feasts on year-old unpatched vulnerability The Register | John Leyden | April 7, 2017 Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability. The Amnesia botnet targets an unpatched remote code execution vulnerability publicly disclosed...

With Q1 looking back at us longingly (like the beginning of every romantic comedy), we have the quick opportunity to take a breath and reflect on the past quarter. Our team launched DomainTools Iris with passive DNS data in a partnered effort with Farsight Security, we brought on Senior Security Researcher Kyle Wilhoit, and added another new data s...

Articles from March 25-31 Aviation-Related Phishing Campaigns Seeking Credentials ThreatPost | Tom Spring | March 30, 2017 A wave of email-based phishing campaigns is targeting airline consumers with messages that contain malware that infects systems or links to spoofed airline websites that are personalized to trick victims into handing ...

Articles from March 18-24 C.I.A. Developed Tools to Spy on Mac Computers, WikiLeaks Disclosure Shows The New York Times | Vindu Goel | March 23, 2017 The C.I.A. developed tools...