Security News

The web's cruising at 13 million new and nefarious domain names a month
2022-09-28 20:20

Akamai reckons that, in the first half of 2022 alone, it flagged nearly 79 million newly observed domains (NODs) as malicious. According to the internet infrastructure giant, that amounts to 13 million malicious domain detections per month, equal to 20 percent of all successfully resolving NODs.

CISA updates Conti ransomware alert with nearly 100 domain names
2022-03-10 00:31

The U.S. Cybersecurity and Infrastructure Security Agency has updated the alert on Conti ransomware with indicators of compromise consisting of close to 100 domain names used in malicious operations. Originally published on September 22, 2021, the advisory includes details observed by CISA and the Federal Bureau of Investigation in Conti ransomware attacks targeting organizations in the U.S. The updated cybersecurity advisory contains data from the U.S. Secret Service.

US Seizes 2 Domain Names Used in Cyberespionage Campaign
2021-06-02 10:20

The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups. The campaign was disclosed last week by Microsoft, which linked it to the same group of Russian intelligence operatives responsible for the massive SolarWinds intrusion that breached federal agencies and private corporations.

Crooks social-engineer GoDaddy staff into handing over control of crypto-biz domain names
2020-11-23 22:52

Using social engineering tricks, the hackers were able to change the DNS settings of their victims' domain names, redirecting connections and mail to their own servers. GoDaddy, the world's biggest domain-name registrar, confirmed "a small number of customer domains and/or account information" were altered after "a limited number of GoDaddy employees" were duped.

U.S. Seizes Domain Names Used by Iran for Disinformation
2020-10-08 13:08

The United States this week announced that it seized a total of 92 domain names that an Iran-linked adversary was leveraging in a global disinformation campaign. The manner in which these domains were being used was in violation of sanctions the U.S. imposed on both the government of Iran and the IRGC. As of April 2019, the United States has designated the IRGC as a foreign terrorist organization.

How expired domain names can redirect you to malicious websites
2020-07-09 18:26

Pages for inactive domain names can be exploited by cybercriminals to take you to malicious sites, says Kaspersky. Most of us at some point have likely tried to open a website only to discover that the site no longer exists, replaced by a landing page indicating that the domain has expired or is up for renewal.

Facebook Sues 12 Fraudulent Domain Names
2020-06-09 11:27

Facebook on Monday announced that it filed a lawsuit in Virginia against 12 domain names for their deceptive behavior. The 12 fraudulent domain names are registered by India-based proxy service Compsys Domain Solutions Private Ltd., and the social platform sued them for impersonating Facebook apps and services with names such as facebook-verify-inc.com, instagramhjack.com and videocall-whatsapp.com.

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks
2020-05-14 12:38

Business email compromise attacks continue to be a thorn in companies' sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims.

Coronavirus domain names are the latest hacker trick
2020-02-19 15:00

One site registered in Russia offers a coronavirus cure for $300. Check Point Research found a spike in coronavirus domain name registrations earlier this month as hackers increase malicious activity around the illness. Check Point listed "Vaccinecovid-19.com" as an example of a malicious site.

How fraudulent domain names are powering phishing attacks
2019-06-18 04:00

Bargain basement gTLDs and glyph attacks using IDNs are powering phishing attacks, with fraudulent registrations on the rise. Worse yet, phishing sites are increasingly getting security certificates.