Security Blog

Chris Larsen's picture
Written by
Chris Larsen

Back in the way-old days of the Web, we had .com, .net, .org, .gov, .mil, and a bunch of two-letter "country code" Top Level Domains (TLDs).

Over the years, a few additional TLDs were approved, both familiar (.info, .biz, .mobi, .name, .pro) and less-familiar (.aero, .asia, .cat, .coop, .int, .jobs, .museum, .tel, .travel, .post).

Snorre Fagerland's picture
Written by
Basavaraj K. Biradar

 

 

After reading the Inception paper by Snorre Fagerland and Waylon Grange, I got curious about this threat and did some reversing. I felt that it would be good to write a technical blog about the process - maybe it could be helpful or interesting for some.

Chris Larsen's picture
Written by
Chris Larsen

In the previous post on recent Search Engine Poisoning (SEP) data, there were a few pieces of interesting research that "missed the cut-off". But they're worth a look...

 

Image Searches

Snorre Fagerland's picture
Written by
Ashwin K. Vamshi

It is very common for malicious actors to attempt to exploit trending news in order to lure users to execute malicious programs. As a regular practice we keep track of such instances.

Waylon Grange's picture
Written by
Waylon Grange

Last month we released our report on the Inception Framework and as part of that report outlined how a nation-state level attack compromised over 100 embedded devices on the Internet to use them as a private proxy to mask their identity

Chris Larsen's picture
Written by
Chris Larsen

A couple of years ago, we published an in-depth series of blog posts looking at the world of Search Engine Poisoning attacks (SEP).