Collaborate Disseminate
A report published today by DomainTools, a provider of cyberthreat intelligence tools and services, details how one small group of activists is allegedly employing astroturfing techniques to create the appearance of a nationwide grassroots effort thro… Continue reading Report: Domains Promoting Resistance to COVID-19 Orders Tied to One Owner
Microsoft Corp finally agreed earlier this week to acquire corp.com, a domain that poses security risks to Microsoft users due to a namespace collision issue. In February, security researcher Brian Krebs noted that the owner of corp.com was ready to se… Continue reading Microsoft buys ‘corp.com’ to protect customer infrastructure
The New York Attorney General has inquired about Zoom’s data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies. Continue reading Zoom Scrutinized As Security Woes Mount
Researchers discovered a phishing campaign which attackers designed to harvest login credentials from government procurement services. According to Anomali Labs, malicious actors crafted their campaign to target various services used by public and priv… Continue reading Government Procurement Services Targeted in Phishing Campaign
I saw on my SMTP logs that it queried a possible phishing domain, I look up on its MX records and it didn’t have one. Does the domain need an MX record before sending phishing emails?
Continue reading No MX Records on a Possible Phishing domain?
We have some development and test environments using our canonical domain, e.g. dev.example.com. We also use some services from 3rd party providers that have obscure URLs like xjkhasdkjvhas.dns.ashdfb.3rdparty.io.
The canoni… Continue reading Risks associated with developers using their own domain for development services
I’ve created and published a .com web-application (nodejs-express in backend, react in frontend) with social-login (facebook, google, linkedin etc..). But I haven’t gone out publicly to ask people to use it, just a few beta-t… Continue reading Mirror site attack
Could the website owner (admin) determine whether to record users IP?
If the website owner (admin) doesn’t want to record users IP, will the host provider or domain name provider still get and record users IP?
For example I… Continue reading Would my IP be recorded when I visit a website
I would like to implement a DNS client which should be able to resolve any valid domain public, private or otherwise (tor,i2p). What’s the best way to achieve this?
I know that I need to pick a particular DNS server based o… Continue reading Universal DNS Resolver [on hold]
I have my new website to be published (it’s called buysteel.com). I will have thousands of clients visiting my site every month, and I would like to protect them around and at the site. Is it worth buying nonsense domains tha… Continue reading Should I buy nonsense domains just to make sure my clients don’t visit a misspelled domain?