GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned. Continue reading GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Farsight DNSDB and Cortex XSOAR help gain context for all connected DNS-related digital artifacts

Farsight Security announced that Farsight DNSDB, a DNS intelligence database, is now integrated with Palo Alto Networks Cortex XSOAR, an extended security orchestration, automation and response platform that empowers security teams by simplifying and h… Continue reading Farsight DNSDB and Cortex XSOAR help gain context for all connected DNS-related digital artifacts

New infosec products of the week: August 7, 2020

Radiflow launches CIARA, a ROI-driven risk assessment and management platform for industrial organizations CIARA is a fully automated tool for assets data collection, data-driven analysis and transparent risk metrics calculation including risk scoring … Continue reading New infosec products of the week: August 7, 2020

DNSDB 2.0 transforms threat feeds into relevant threat intel in real time

Farsight Security introduced DNSDB 2.0, which enables security professionals to identify and map domain names and IP addresses associated with bad actors or used in malicious infrastructures, brand infringement campaigns, phishing schemes, ransomware a… Continue reading DNSDB 2.0 transforms threat feeds into relevant threat intel in real time

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on beh… Continue reading Who’s Behind the ‘Web Listings’ Mail Scam?

New infosec products of the week: February 14, 2020

RSA Archer SaaS: An integrated approach to managing risk RSA Archer SaaS can help reduce the time and resources dedicated to on-premise platform upgrades, patches, and maintenance activities, as well as enable customers to focus on maturing and expandi… Continue reading New infosec products of the week: February 14, 2020

Farsight Security enhances its Security Information Exchange data-sharing platform

Farsight Security announced enhancements to its flagship, Security Information Exchange (SIE) data-sharing platform to help security professionals measurably improve the prevention, detection and response of the latest cyberattacks. Newly active domain… Continue reading Farsight Security enhances its Security Information Exchange data-sharing platform

The future of DNS security: From extremes to a new equilibrium

In anticipation of his keynote at HITB Security Conference 2020 in Amsterdam, we talked to internet pioneer Dr. Paul Vixie, Farsight Security Chairman and CEO. Dr. Vixie was inducted into the internet Hall of Fame in 2014 for work related to DNS and an… Continue reading The future of DNS security: From extremes to a new equilibrium

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. Continue reading A Deep Dive on the Recent Widespread DNS Hijacking Attacks

SIE Europe: Data sharing initiative to combat cybercrime launches

SIE Europe emerged from stealth mode to launch an initiative to enable European organisations to contribute and share Internet data. This consortium advances the detection and mitigation of phishing, malware and other targeted cyberattacks against thei… Continue reading SIE Europe: Data sharing initiative to combat cybercrime launches