domains
-
Blog
96% of Phishing Attacks in 2024 Exploited Trusted Domains
Threat actors are increasingly targeting trusted business platforms such as Dropbox, SharePoint, and QuickBooks in their phishing email campaigns and leveraging legitimate domains to bypass security measures, a new report released today has found. By embedding sender addresses or payload links within legitimate domains, attackers evade traditional detection methods and deceive unsuspecting users. According to Darktrace’s Annual Threat Report 2024,…
Read More » -
Blog
Get Ready for .Channel Website Domains
There’s a ton of TLDs out there you can choose for websites, all of which are technically geared towards different purposes and audiences. Now, your favorite content creators might begin to get .channel domains going for their personal brands. Google Registry has officially released .channel, a new top-level domain (TLD) designed specifically for building an online presence, selling products, and…
Read More » -
Blog
FBI seizes domains for Cracked.io, Nulled.to hacking forums
The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. While some of their members also engaged in ethical hacking discussions, the sites were widely regarded as a hub for cybercriminal activity. They also hosted content related to software cracks, hacking tools…
Read More » -
Blog
Cloudflare’s developer domains increasingly abused by threat actors
Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities. According to cybersecurity firm Fortra, the abuse of these domains has risen between 100% and 250% compared to 2023. The researchers believe the use of these domains is aimed at improving the legitimacy and effectiveness…
Read More » -
Blog
Amazon seizes domains used in rogue Remote Desktop campaign to steal data
Amazon has seized domains used by the Russian APT29 hacking group in targeted attacks against government and military organizations to steal Windows credentials and data using malicious Remote Desktop Protocol connection files. APT29, also known as “Cozy Bear” and “Midnight Blizzard,” is a Russian state-sponsored cyber-espionage group linked to Russia’s Foreign Intelligence Service (SVR). Amazon clarifies that although the phishing pages APT29…
Read More » -
Blog
Azure domains and Google abused to spread disinformation and malware
A clever disinformation campaign engages several Microsoft Azure and OVH cloud subdomains as well as Google search to promote malware and spam sites. Android users receive a “new info related to…” Google search notification about a subject they have previously searched about, but are then presented with misleading search results, driving traffic to scam websites disguised as infotainment articles. Polluted search results…
Read More »