Big Events have a way of changing editorial calendars. Before taking a brief Labor Day break, Iran’s Election Interference was next on our calendar. But things changed on 4-September with DOJ’s court …
CrowdStrike Outage Day 12: Winding Down, For Now
We are now twelve days (July 18-29) into the CrowdStrike Outage incident. While its impact and scale may be unprecedented, recovery operations are winding down. In this follow-on to our July 24th Flash …
CrowdStrike Outage Day 12: Winding Down, For Now arrow_forward
Flash Report: Malicious Domain Activity Related to CrowdStrike Outage
We are now in day 6 (July 18 – 23) of the Internet outage caused by a defective CrowdStrike software update. In this post, we focus on one aspect of the story …
Flash Report: Malicious Domain Activity Related to CrowdStrike Outage arrow_forward
Bulletproof Hosting Havens for FIN7 and Russian Cyber Threat Groups
Initially, this post was intended to be a routine review of how cyber threat actors utilize domain names and DNS infrastructure, how these uses evolve, and how cyber threat analysts can use …
Bulletproof Hosting Havens for FIN7 and Russian Cyber Threat Groups arrow_forward
CopyCop+: A Primer in GenAI Disinformation and DNS Intelligence for CTI Analysts
CopyCop refers to two recent Cyber Threat Intelligence (CTI) reports from Recorded Future on GenAI (Generative AI) enabled Russian Influence Operations. The CopyCop campaigns are just the latest examples of ‘narrative laundering’ …
CopyCop+: A Primer in GenAI Disinformation and DNS Intelligence for CTI Analysts arrow_forward