August 5, 2024 at 05:06PM AWS is utilizing a massive neural network graph model named Mitra, comprising 3.5 billion nodes and 48 billion edges, to detect malicious domains within its infrastructure. This system generates reputation scores for domain names and aids in predicting potential threats before they appear on third-party feeds, complemented by an internal … Read more
May 14, 2024 at 08:35AM Threat actors are using DNS tunneling to track email delivery and victim interaction with malicious domains, scan networks, and perform reflection attacks. Palo Alto Networks has identified three campaigns employing this technique, tracking over 700 victims with 75 IP addresses resolving 658 domains. Organizations should update resolver software to mitigate … Read more
May 5, 2024 at 10:02PM Amnesty International’s Security Lab reveals Indonesia’s emergence as a hub for surveillance tools, receiving invasive spyware from Israel, Greece, Singapore, and Malaysia since 2017. Companies like Q Cyber Technologies, Intellexa consortium, Saito Tech, FinFisher, Raedarius M8 Sdn Bhd, and Wintego Systems are linked to these tools. Malicious domain names and … Read more
May 3, 2024 at 12:37AM Amnesty International discovered a complex web of spyware and surveillance technology acquisition by Indonesia, connecting to Israel, Greece, Singapore, and Malaysia. The purchases involved dual-use technologies, such as spyware, and non dual-use hardware, with limited oversight and regulatory transparency. The investigation also found associations with malicious domains, and a lack … Read more
April 28, 2024 at 12:03PM Security researchers found that phishing campaigns targeting the USPS saw fake domains receiving traffic similar to the legitimate site, especially during holidays. The phishing operations mimic genuine USPS services, with convincing designs and tracking pages. Malicious domains received over 1.1 million queries, indicating heightened activity during the winter holidays. Consumers … Read more
April 8, 2024 at 06:30AM Dave Luber has been named the new cybersecurity director of the NSA, succeeding Rob Joyce who retired on March 31. Luber, with over 30 years of experience in various cybersecurity roles, will lead the agency’s efforts to combat cyber threats and work with partners across the community. Key takeaways from … Read more
February 28, 2024 at 09:07AM A new threat actor executes an innovative investment scam through a sophisticated traffic distribution system (TDS), leveraging the DNS to sustain ever-changing malicious domains. The scam impersonates major brands, luring victims through multilingual Facebook ads. The TDS, supported by CNAME records, provides resilience and evasion against takedowns, posing a significant … Read more