Author Archives: Dancho Danchev

Dear blog readers,The following is a compilation of dynamic DNS providers in specific ones used by APTs and various other targeted campaign obtained using public sources. Sample dynamic DNS service provider domains known to have been involved in variou… Continue reading Dynamic DNS Service Providers for APT Command and Control (C&C) – An Analysis→

Dear blog readers,I’ve decided to continue my post on Bulgaria’s Circles commercial spyware vendor which I profiled here in depth which appears to be heavily affiliated with the Intellexa Commercial Spyware Consortium, the Predator Spyware and NSO Grou… Continue reading The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria’s Circles Commercial Spyware Vendor→

Dear blog readers,The following is a compilation of publicly accessible information on cyber jihad URLs. Sample domains include:hxxp://7hj[.]comhxxp://alhawali[.]comhxxp://almurabeton[.]orghxxp://anwar-islam[.]comhxxp://aqsavoice[.]nethxxp://fateh… Continue reading A Personally Identifiable Cyber Jihadist Domain Portfolio→

This is from the “correct if I’m wrong but this is publicly accessible information so why shouldn’t I take a look at it” department.I’ve been recently going though Snowden’s archive and I came across to my favorite presentation which is on the topic of… Continue reading The Intersection Between a Snowden Slide and a Supposedly Malicious MD5→

Folks,Do you remember the international embassies web malware exploitation spree using client-side exploits that took place back in 2009 with the Russian Business Network the hosting provider of choice for these campaigns?I recently took the effort to … Continue reading International Embassies Web Malware Exploitation Serving Domain Properties→

The following is a list of personally identifiable email address accounts that are known to have been involved in cybercrime campaigns in 2009.      Sample personally identifiable email address accounts known to have been … Continue reading Personally Identifiable Email Address Accounts Known to Have Been Involved in Cybercrime Campaigns in 2009 – Part Two→

Dear blog readers,Are you looking for cybersecurity domains for your advertising or marketing projects?I have a portfolio which is available for sale here. The amount will go for fueling growth into my researchHere’s the list of domains:https://formgra… Continue reading Portfolio of Cybersecurity Domains→

The following is a list of personally identifiable email address accounts that are known to have been involved in cybercrime campaigns in 2009.      Sample personally identifiable email address accounts known to have been … Continue reading Personally Identifiable Email Address Accounts Known to Have Been Involved in Cybercrime Campaigns in 2009 – Part Two→

The following is a list of personally identifiable email address
accounts that are known to have been involved in cybercrime campaigns in
2009.      Sample personally identifiable email address accounts known to have bee… Continue reading Personally Identifiable Email Address Accounts Known to Have Been Involved in Cybercrime Campaigns in 2009→

Dear blog readers,The following is a compilation of URLs of known DDoS attack stresser tools.Sample URLs:hxxp://str3ssed[.]comhxxp://dream-stresser[.]suhxxp://zdstresser[.]nethxxp://darkvr[.]iohxxp://tresser[.]iohxxp://xstress[.]tophxxp://blaststress[…. Continue reading A URL Portfolio of DDoS Attack Stressers→