Category: Research
On 22-October-2024, the Computer Emergency Report Team of Ukraine (CERT-UA) and Amazon issued Cyber Threat Intelligence (CTI) alerts. Microsoft followed with a detailed blog post on 29-October. These alerts described a targeted phishing and espionage…
In the wake of two catastrophic hurricanes and with just two weeks until highly divisive U.S. elections, the U.S. faces unprecedented challenges. Millions have lost loved ones, homes, and livelihoods. Damage estimates range from $20…
Big Events have a way of changing editorial calendars. Before taking a brief Labor Day break, Iran’s Election Interference was next on our calendar. But things changed on 4-September with DOJ’s court filings on Russian…
We are now twelve days (July 18-29) into the CrowdStrike Outage incident. While its impact and scale may be unprecedented, recovery operations are winding down. In this follow-on to our July 24th Flash Report, we provide:…
We are now in day 6 (July 18 – 23) of the Internet outage caused by a defective CrowdStrike software update. In this post, we focus on one aspect of the story – the tracking,…
Initially, this post was intended to be a routine review of how cyber threat actors utilize domain names and DNS infrastructure, how these uses evolve, and how cyber threat analysts can use DNS intelligence to…
The Spamhaus DROP list – “DROP (Don’t Route Or Peer) and EDROP are advisory “drop all traffic” lists, consisting of stolen ‘hijacked’ netblocks and netblocks controlled entirely by criminals and professional spammers.” Basically, the DROP…