follow us in feedly

BLOG

6 Compelling Reasons Why You Should Check Email Address Owners and Other Email Security Tips

6 Compelling Reasons Why You Should Check Email Address Owners and Other Email Security Tips

Posted on by admin

An email address is, perhaps, one of the most overlooked network-accessible resources. Many highly publicized attacks are attributed to a phishing email link that an unsuspecting employee regrettably clicked on. Also, business email compromise (BEC) accounted for 50% of total losses among organizations or $1.2 billion in 2018. Yet despite all the constant warnings and devastating examples, these attacks keep on happening. Why is this so?

The occurrence could be bewildering indeed for cybersecurity professionals who deploy the most advanced endpoint protection and intrusion detection systems (IDSs) there is. Unfortunately, all efforts to ward off attackers can prove irrelevant unless you educate employees on good email hygiene or implement the right email security policies.

Continue reading
Building an Effective Omnichannel Retail Strategy with GeoIP Database Lookup

Building an Effective Omnichannel Retail Strategy with GeoIP Database Lookup

Posted on by admin

Most retailers nowadays harness the power of the Internet to reach a broad range of consumers. But it doesn’t mean e-commerce has made physical facilities redundant. In fact, many shoppers like to use both channels, sometimes even nearly real time to complete a purchase.

For instance, some might “window shop” online to quickly evaluate alternatives and availabilities but then buy in-store so they can make sure a chosen product fits their needs. Or, on the contrary, they might check out physical items first but end up ordering online out of convenience.

Continue reading
How to Retrieve Domain WHOIS History Data After Redaction

How to Retrieve Domain WHOIS History Data After Redaction

Posted on by admin

WHOIS information is indispensable for any cybersecurity researcher. It is an essential resource for tracking down registration owners for a variety of reasons that range from settling trademark and cybersquatting disputes to configuring websites. With WHOIS records, a security analyst or website administrator can quickly get in touch with a registrant owner to resolve or file a dispute, transfer a domain with ease, or set up a valid Secure Sockets Layer (SSL) certificate.

Continue reading
Leveraging Cyber Threat Intelligence: Must-Dos for Companies To Prevent Phishing and Other Attacks

Leveraging Cyber Threat Intelligence: Must-Dos for Companies To Prevent Phishing and Other Attacks

Posted on by admin

While phishing is considered one of the oldest threats in any cyber attacker’s arsenal, it still manages to work. The targeted organization or individual, social engineering bait, and the manner in which information gets stolen or malware is delivered may change. Still, the motivation often remains: to take someone’s details or even identity.

In many phishing scams, cybercriminals opt to create a fake company pretending to offer services that may be hard for users to resist. Such is the case of two confirmed phishing domains we analyze throughout this piece—technoarubacloud[.]com and teichdata[.]at. Any visitor lured to avail themselves of these two fake suppliers’ offerings is likely to be tricked into handing over personally identifiable information (PII) to the criminals behind the bogus sites.

Continue reading
How to Build Attacker Profiles By Using Domain Registration History Records

How to Build Attacker Profiles By Using Domain Registration History Records

Posted on by admin

Consider this scenario: You just got wind that a prolific cybercriminal has recently been spotted. You want to avoid joining his/her list of victims, of course. The question is how you go about it. Building attacker profiles, notably with WHOIS, might help.

Of course, that has become harder now that much stricter privacy protection laws like the General Data Protection Regulation (GDPR) are in effect. Typical WHOIS searches for a list of sites to avoid may no longer work since many domain owners, especially in the European Union (EU), can opt to redact their personal information from registration records.

Continue reading
How to Search for a Domain Name: 6 Domain Purchasing Best Practices

How to Search for a Domain Name: 6 Domain Purchasing Best Practices

Posted on by admin

Not everyone is truly aware of the ramifications of buying a domain. There are many factors to consider in order to make a good purchase and later avoid undesirable connections to, say, malicious individuals and their networks. So, how could a domain name be dangerous, after all? Those in the cybersecurity industry know that cyber attackers can weaponize a domain name for use against organizations and networks.

This article aims to shed light on why domain buyers, such as those without cybersecurity or marketing know-how, should conduct some research on domains of interest with the help of tools such as WHOIS LookupDomain Availability API or Domain Research Suite.

Continue reading
Reverse NS Lookup: Security Against DNS-Based Attacks

Reverse NS Lookup: Security Against DNS-Based Attacks

Posted on by admin

Given today’s threat landscape, known threats or those that get publicized are quite hard to protect against. However, risks that come from unknown sources are even harder to detect and block. Domain Name System (DNS)-based attacks fall into the second category for a variety of reasons, the topmost of which is that once domains are up and running, their owners put their security in the background.

There are ways to avoid becoming the next victim of a DNS-based attack, though. One of them is using a reliable reverse name server (NS) solution such as Reverse NS Lookup. But before we delve into further details, let us first discern why attackers take advantage of inherent DNS weaknesses to get to their targets.

Continue reading
How to Use a DNS Archive to Improve Website Traffic, Reputation, and Performance

How to Use a DNS Archive to Improve Website Traffic, Reputation, and Performance

Posted on by admin

Infosec professionals are invariably responsible for guaranteeing that their organizations’ websites remain accessible at all times. And so, they should be aware of the consequences of a single website outage. Network downtimes can cost most enterprises between $101,000 and $5,000,000 an hour.

The problem with outages, however, is that they mostly go undetected before they inflict noticeable damage. Customers don’t usually report website issues such as page time-outs unless a purchase was involved. As such, the discovery of these glitches often comes too late since your search engine rankings or conversion rates have already dropped significantly. Worse still, malicious actors may have even taken over your site infrastructure.

Continue reading