Commentary followed by links to cybersecurity articles that caught our interest internally. | DomainTools Investigations | DTI
Ian Campbell's recap of DTI's participation at BSides NoVa
A deep dive into the 4-stage NPM phishing attack flow that led to high-profile repository account takeover. Protect your development security. The post SecuritySnack: Repo The Repo - NPM Phishing appeared first on DomainTools Investigations | DTI.
Starting in September 2024, a financially motivated cluster of more than 80 spoofed domain names and lure websites began targeting users with fake applications and websites themed as government tax sites, consumer banking, age 18+ social media content, and Windows assistant applications. The actor used these spoofed domains to deliver Android and Windows trojans, likely to steal credentials, or to steal them more overtly through fake login pages. The post SecuritySnack: 18+E-Cri...
Commentary followed by links to cybersecurity articles that caught our interest internally. The post Cybersecurity Reading List - Week of 2025-09-29 appeared first on DomainTools Investigations | DTI.
A group has been targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate payment and government identity applications. The operators exhibit distinct domain registration patterns, often reusing TLS certificates and grouping domains to resolve to the same IP addresses, with a strong operational focus during Eastern Asia's daytime hours. The post Banker Trojan Targeting Indonesian and Vietnamese Android Users appeared first on DomainTools Investigations | ...