Archive by category General Infosec
Everyone loves that ‘in the right place at the right time’ feeling, including illicit actors. In this article, we look at domain registration correlating with current events to see where opportunities for threats may lie.
June 23, 2022 2087
The MTBL file format is space-efficient and supports fast random access. This article details how to use MTBL files to efficiently provide a Python3 dictionary-like interface to moderately large CSV files, even on typical laptop hardware.
June 16, 2022 2175
Stay in the know with some of our favorite Twitter accounts of 2022.
May 19, 2022 2210
When we talk about investigating bad domains, the focus of the story is usually the starting clues, but what about after you’ve identified bad domains? This blog discusses the approaches to take once a bad domain has been identified.
May 12, 2022 2175
In light of the recent international law enforcement activity against the 16Shop principal “DevilScreaM”, we review a competing service known as SPM55, which is attempting to fill the void left in the market.
April 7, 2022 968
A domain bloom is in progress centered on the term “log4j,” referring to the large-scale vulnerability being exploited in the wild. DomainTools characterized domain blooms in the spring 2021 DomainTools Report.
December 16, 2021 1393
Although ransomware holds a significant mindshare in security, phishing continues to be an effective and efficient tool for threat actors. In this blog, Tim Helming walks through various anti-phishing tools and methods available to defenders.
September 30, 2021 1393
Although ransomware holds a significant mindshare in security, phishing continues to be an effective and efficient tool for threat actors. In this blog, Tim Helming cautions not to dismiss BEC just because it’s not grabbing headlines.
September 23, 2021 1393
Understand how to develop threat intel requirements for the most relevant dataset—a sweet spot where your internally generated threat intelligence builds on your own network traffic—known as DNS-related network observables.
September 9, 2021 1393
In this blog, reacquaint yourself with the Whois protocol, identify signals to dive deeper into an investigation, and dive into complementary datasets for investigations.
August 19, 2021 939