Hunting Grizzlies with DomainTools Iris

When we hunt, we’re usually starting with some kind of indicator that something bad has happened. These are often referred to as IOCs or Indicators of Compromise. When we get a good report like this one from Homeland Security, we can use it to help us find out more about a threat actor and their […]

The Monday Media Wrap Up

Articles from February 18-24 Apple deleted server supplier after finding infected firmware in servers Ars Technica | Sean Gallagher | February 24, 2017 A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly […]

The Monday Media Wrap Up

Articles from January 28 – February 4 Unprecedented survey reveals the extent of ransomware attacks against the NHS Information Age | Nick Ismail | February 3, 2017 Similar freedom of information requests have been carried out before on NHS Trusts, but RES managed to obtain an answer from all 260 trusts in England, Scotland […]

Whois and Passive DNS Data: Together Again for the First Time.

When DomainTools first launched Iris, it was an initial step in a worthy journey to deliver an increasingly powerful browser-based product for indicator enrichment, threat investigation, and actor profiling. Reception for Iris has been even stronger than forecast, with over 200 enterprise security teams using Iris in their workflows in the first year since launch. […]

DomainTools 101: Risky Business

I want to start the New Year by making a couple of predictions for how things will go in 2017. I’m going to predict that The Atlanta Falcons will beat the Green Bay Packers, that the Pittsburgh Steelers will lose to the New England Patriots and that the Falcons and Patriots will end up in […]

The Monday Media Wrap Up

Articles from January 21-27 Watch Out for Phishing Technique Involving PDF Files Softpedia | Gabriela Vatu | January 27, 2017 A rather new phishing technique seems to be preferred by some hackers nowadays – the deceitful PDF attachments that attempt to steal your email credentials. In a Microsoft blog, the folks over at the malware […]

The Monday Media Wrap Up

Articles from January 14-20 Minecraft linked to Mirai botnet web attacks Newsweek | Anthony Cuthbertson | January 20, 2017 A security expert has linked the popular computer game Minecraft to the most powerful cyberattacks on the internet that took place through the so-called Mirai botnet in 2016. Security researcher Brian Krebs was one of the […]

Rent an IP, Own a Domain

The other day I was on a mission to locate a contact of mine that lived nearby. I had an address, but no phone, or email address. So I got the GPS out, programmed in the address, and away I went. Arriving at the location, I turned into the driveway, and it was an apartment […]

The Monday Media Wrap Up

Articles from January 1-6 Watch out for Amazon sellers with New Year phishing scams BetaNews | Mark Wilson | January 6, 2017 This is one of the many times of year that retailers have sales, coinciding neatly with the time of year when many people are feeling the pinch after splashing out on food and […]

Bounty Programs: The Quicker Picker Upper

Gone are the days where the title “hacker” meant that a computer programmer was only up to no good. In fact, these days the term can mean quite the opposite. These individuals, known as white hat or ethical hackers, do a lot of good for the tech community. While this isn’t a new concept, community […]