Sorting Gray Alerts Using Domain Reputation Scores

The job of managed detection and response (MDR) teams, as their name suggests, is not limited to detecting cybersecurity threats. They are also responsible for carrying out the right actions in response to specific threat alerts.

If there were fewer than a hundred alerts, and they were all black or white, everything would go smoothly, at least when it comes to following up with the appropriate responses. Alerts with a definite malicious component would then move easily to the quarantining and blocking stages, while benign alerts would be ignored. But the cybersecurity landscape has become more complicated than that, for several reasons, including the facts that:

Typosquatting Daily Data Feed: the new enabler in the fight against phishing and malware

One result of our research and development is the introduction of the new “typosquatting data feed”, an innovative data set based on our long-standing experience with cybersecurity and the Domain Name System. In what follows we will demonstrate how this new resource can be used efficiently in the fight against spam, phishing and malware.

The main idea behind the new data feed is the observation that domain names which were registered on the same day and have similar names have an increased likelihood of being involved in a range of IT scams, including typosquatting attacks, domain name hijacking, and also phishing and malware. So, we have developed a technology for finding these groups of domain names.

Avoiding Adverse Effects on SEO through Domain Name Ownership History Checks

When building their online presence, entrepreneurs and website owners are bombarded with tips and advice on search engine optimization (SEO) ranking. Among them are the publishing of high-quality and relevant content regularly, using metatags and alt tags, and using long-tail keywords.

All these are valid and effective, but your SEO ranking strategy should begin at the very first stage of website creation—choosing a domain name. In this post, we explored the effects of domain name ownership history on an organization’s SEO ranking, and how a simple check using WHOIS History Search can help users avoid related challenges.

How Name Server Checks Protect Your Network Against DNS Tunneling

Being a sort of open phonebook of the Internet, the Domain Name System (DNS) can be a corporate network’s weakest link. The main problem lies in how it works. As a way to ensure that devices communicate correctly over the Internet, DNS servers map IP addresses to domains in response to user queries.

More specifically, when a user searches for a domain name on their browser, the browser sends a query to the stub resolver, an operating system component, before querying the local name server.

DNS Flood Attack: What It Is and How to Avoid It with DNS Lookup Online Tools

These days, even large-scale operations suffer from Domain Name System (DNS) flood attacks despite using advanced solutions and subscriptions to the best anti-denial-of-service (DoS) protection services. Attackers always seem to come up with a way to launch distributed DoS (DDoS) attacks of unmatched sizes to take their victims’ sites offline. To date, the worst DDoS attack seen was 1.7 TBps strong. Resulting losses are difficult to ignore, as these range between $120,000 and $2 million.

How to Find a Netblock Owner with an IP Netblocks WHOIS Database

IP netblocks can be considered a neighborhood to which consecutive IP addresses belong. As in the real world, there are good and bad neighborhoods. Fortunately, sophisticated threat intelligence tools enable security engineers to distinguish one from the other.

Traditionally, users can check computers communicating over a network by using a simple ping command to find unresponsive or misbehaving nodes. A ping test sends packets to a server and reveals if the same number of packets were returned, as well as how long it took the destination to issue a response.

How to Validate an Email Address for Typos, Syntax, Curse Words, and Other Rules

Email marketing is without a doubt a sound investment for companies. For every $1 spent on email marketing, the return on investment (ROI) can be as high as $32.28, according to DMA’s Marketer Email Tracker report.

The same study examined the respondents’ mailable list size, return rates, and delivery rates, and the findings are quite surprising. Some 55% of the respondents said there was a significant rise in their organization’s mailable list size, yet only 36% reported increased delivery rates. Also, 36% of the respondents said they encountered an increase in the number of returned emails.

Using Domain Ownership History to Secure Next-Gen Firewall Estates

Firewalls are an essential pillar of any enterprise network security strategy. They sift traffic coming in and going out of corporate networks, offering round-the-clock perimeter protection.

Even better are today’s next-generation firewalls (NGFWs), which bring interoperability and contextualization into the mix. These hybrid firewalls provide a more effective layer of protection as they combine traditional firewalls with newer types.

Unfortunately, NGFWs, and older versions for that matter, are not the “be-all and end-all” of enterprise network security. They serve as a good starting point, but they also need to be appropriately configured to work — along with the right data feeds, which can include WHOIS history data, as this post will suggest.