DomainTools Blog

DomainTools Research

Inside the Murky World of HMRC Phishing Campaigns

DomainTools identifies malicious campaigns targeting HMRC and other organizations with the intent of capturing PII. When people in the UK think of phishing scams, there’s a fair chance that the…

DomainTools Research

Using DomainTools Threat Profile to Identify Risky TLDs

Note: The source code for this analysis can be found in the DomainTools GitHub repo here. In the beginning there were six top level domains (TLDs). Ok, technically seven, but…

Product Updates

DomainTools Iris App for Anomali

A few months back, in early 2019, I found myself on a customer call with a SOC manager who begrudgingly admitted how much his team had come to value the…

Breaking Badness

Breaking Badness Episode 14: RIP Grumpy Cat

RIP Grumpy Cat. Coming up this week on Breaking Badness. Today we discuss: A Vulnerability Called Thangrycat? You Gotta be Kitten Me!, WHASAPPPPPP, and ‘GozNym’ Discovers How Accrual the World…

Engineers Corner

End-to-End Testing in Iris

Hack Days were upon us and what was a quality assurance tester to work on? What would bring value to the company, make my job simpler, and be a fun…

Breaking Badness

Breaking Badness Episode 13: The Hurt Locker

The Hurt Locker. Coming up this week on Breaking Badness. Today we discuss: How Fin7 Leverages (enabled) Macro Economics, Holy Mackerel, Hidden Cobra is at it Again, and The…

DomainTools Research

Cache 22

People say that once something’s on the internet, it’s there forever. And while that seems to be unfortunately true for Facebook posts and embarrassing photos, it isn’t always the case…

Breaking Badness

Breaking Badness Episode 12: The Weekly Shatter

The Weekly Shatter. Coming up this week on Breaking Badness. Today we discuss: What the Dell?!, A Threat Actor Goes on a Power Trip, and Cartoon Network Dances On Air. Here are…

General Infosec

The 2019 Threat Hunting Report

Oftentimes in security, the practice of threat hunting is aspirational, as organizations consistently find themselves bogged down with alerts and forced to act on threats retroactively. That being said, more…

General Infosec

Developing Threat Hunting as a Practice

Threat hunting as a discipline is a relatively new practice area. It evolved from a combination of SecOps and forensic investigation activities. Now, when an incident occurs, professionals engage in…