Team Cymru found 28 IPs and 85 domains hosting carding login/forum pages; common TLDs .su .cc .ru. Detection used HTTP/HTTPS title regex and X509 clustering; NetFlow linked related hosts. #carding #netflow #passiveDNS https://bit.ly/4jJ8s4m

LookyLoo analysis of a website with Passive DNS records.

Is this website legit? 👉 https://www.macaissedepargnehautsdefrancemerepond.fr/

At first glance, the domain name looks suspicious. But when we checked Passive DNS data, it turns out the domain has existed for over two years and has been seen before. Was it […]

[Original post on infosec.exchange]

Trends H2 2024: Cyber Insights | Quad9 To protect our users, Quad9 blocks DNS lookups of malicious host names from an up-to-the-minute list of threats. This blocking action protects your computer, mobile device, or IoT systems against a wide range of threats, such as malware, phishing, spyware, and botnets, and it can improve performance and privacy. This blogpost provides security insights on the threats blocked by [Quad9 DNS](https://quad9.net/) between July and December 2024\\. The report combines DNS telemetry data and open-source intelligence with statistics and analysis to provide security insights on the top malicious domains visited by our users and blocked by Quad9 DNS. Additionally, the post presents key regional threats targeting Quad9 users.

#Quad9 published their latest cyber threat report for the second half of 2024. Great and concise write-up. A nice illustration on what threats you can derive purely based on #passiveDNS insights:

Trends H2 2024

#DNS #threatintel #infosec