RDAP: A Great Step Forward, but Also a Missed Opportunity

One of the major tools used by cybersecurity professionals is the WHOIS query. The query enables retrieval of information about a given domain – where it was registered, when it was registered, when it expires, what its name servers are, and more. This information can be crucial for brand protection, law enforcement investigations, and more. […]

Threat Actors’ Hottest New Target: Access to DNS Servers

Threat actors are always on the lookout for ways to monetize access to systems. While endpoints and cloud environments have long been favored targets, a new target is starting to trend in the dark web – access to DNS servers. A scroll through various dark web forums reveals multiple offers by threat actors selling access […]

A Quick Dive Into the Telegram Infostealer Scene

According to Check Point Software, 2024 saw a significant increase in infection attempts by Infostealer logs, up by 58% from the previous year. Infostealers pose a growing threat to organizations across all industries, as leaked employee credentials could provide threat actors with opportunities to cause serious harm, enabling them to illegally access both internal resources […]

The Three Pillars of Running an Effective Anti-Phishing Program

Many organizations face the threat of Phishing. Cybercriminals utilize Phishing attacks to obtain user credentials for whichever service they deem valuable – from internet service providers (the first recorded Phishing attacks targeted AOL users), to financial institutions and online services such as Netflix and Instagram. In order to protect their customers, organizations have no choice […]

4 Methods Threat Actors Use to Extend the Lifespan of Phishing Attacks

Despite becoming a major threat over two decades ago, Phishing attacks are still a major technique used to steal credentials. Their use by threat actors hasn’t slowed down due to two main factors – they still require a relatively small amount of technical prowess to pull off, and they are still quite effective. Phishing attacks […]

The Term “Phishing” is Problematic

The cybersecurity space has always had a problem with terminology. For example, Business Email Compromise (BEC Fraud) refers to incidents where threat actors gain access to a company’s Email address and use previous email communications to defraud existing relationships, such as customers or partners. However, in some cases of BEC fraud, threat actors don’t actually […]

Refresh HTTP Response Header in Phishing – What’s New?

The following article has been posted on the LinkedIn page of our new takedown service, CyberATS. We recommend following CyberATS’s and IntelFinder’s LinkedIn pages to get notified when new articles are posted. A bit over a month ago, on September 11th, Palo Alto Networks’s Unit 42 reported on a new development in the Phishing space […]

Announcing CyberATS: Automated Takedown Services

At IntelFinder, we’ve always been at the forefront of delivering actionable threat intelligence to our clients. However, detecting a threat is merely the first step of keeping your organization secure. Therefore, for over a year and a half we have been working on a new service to support the second part of the remediation process – […]