Security News

US Seizes 2 Domain Names Used in Cyberespionage Campaign
2021-06-02 10:20

The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups. The campaign was disclosed last week by Microsoft, which linked it to the same group of Russian intelligence operatives responsible for the massive SolarWinds intrusion that breached federal agencies and private corporations.

Crooks social-engineer GoDaddy staff into handing over control of crypto-biz domain names
2020-11-23 22:52

Using social engineering tricks, the hackers were able to change the DNS settings of their victims' domain names, redirecting connections and mail to their own servers. GoDaddy, the world's biggest domain-name registrar, confirmed "a small number of customer domains and/or account information" were altered after "a limited number of GoDaddy employees" were duped.

U.S. Seizes Domain Names Used by Iran for Disinformation
2020-10-08 13:08

The United States this week announced that it seized a total of 92 domain names that an Iran-linked adversary was leveraging in a global disinformation campaign. The manner in which these domains were being used was in violation of sanctions the U.S. imposed on both the government of Iran and the IRGC. As of April 2019, the United States has designated the IRGC as a foreign terrorist organization.

How expired domain names can redirect you to malicious websites
2020-07-09 18:26

Pages for inactive domain names can be exploited by cybercriminals to take you to malicious sites, says Kaspersky. Most of us at some point have likely tried to open a website only to discover that the site no longer exists, replaced by a landing page indicating that the domain has expired or is up for rewewal.

Facebook Sues 12 Fraudulent Domain Names
2020-06-09 11:27

Facebook on Monday announced that it filed a lawsuit in Virginia against 12 domain names for their deceiving behavior. The 12 fraudulent domain names are registered by India-based proxy service Compsys Domain Solutions Private Ltd. and the social platform sued them for impersonating Facebook apps and services such as facebook-verify-inc.com, instagramhjack.com and videocall-whatsapp.com.

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks
2020-05-14 12:38

Business email compromise attacks continue to be a thorn in companies' sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims.

Coronavirus domain names are the latest hacker trick
2020-02-19 15:00

One site registered in Russia offers a coronavirus cure for $300. Check Point Research found a spike in coronavirus domain name registrations earlier this month as hackers increase malicious activity around the illness. Check Point listed "Vaccinecovid-19.com" as an example of a malicious site.

How fraudulent domain names are powering phishing attacks
2019-06-18 04:00

Bargain basement gTLDs and glyph attacks using IDNs are powering phishing attacks, with fraudulent registrations on the rise. Worse yet, phishing sites are increasingly getting security certificates.

Kaspersky VPN blabbed domain names of visited websites – and gave me a $0 reward, says chap
2018-08-09 23:00

DNS leak flaw outside of bug bounty scope, it seems Kaspersky's Android VPN app whispered the names of websites its 1,000,000-plus users visited along with their public IP addresses to the world's...

Internationalized domain names create phishing risks: Here's a solution
2018-06-28 12:29

When ICANN introduced domain names that can use non-ASCII characters, it created opportunities for phishers. Here's how that can be overcome.