Fake Ads on Social Media: Leads for Criminals
Fake ads on social media is a growing problem. Learn the different scams and how to defend your brands
Protecting Against the Threat of Malicious Domain Name Registrations
Malicious domain name registrations are specifically created for nefarious purposes, such as phishing attacks. These registrations are more effectively mitigated at the DNS level compared to domains that have been compromised. Typically, these malicious domains are newer and...
Black Friday, Fake Websites and Posts
Ed Seaford – In the wake of the recent Black Friday sales, a critical issue has come to light, as highlighted in the Australian Competition and Consumer Commission’s (ACCC) latest blog. The increasing trend of scam websites impersonating reputable Australian retailers poses a...
Registrars Responsibility to Address Phishing Domains
Phishing domain names
A phishing domain name is a domain name that is registered to look like a legitimate domain name. Phishing domain names are used in phishing attacks, which are attempts to trick people into revealing personal information, such as passwords or credit card...
bank scams grow in Australia
Bank scams: The Australian Banking Association (ABA) released an awareness report and campaign about the increasing threat of scams.
Last year in Australia $851 million was lost to scams. In the year to July, 84,000 scam calls were reported to Scam Watch, which is an increase...
Penetration Testing: How to choose a supplier?
Penetration Testing aka pen testing has become a critical part of securing a business’ critical applications and networks. The market has a range of players, some that rely on automated vulnerability scans to highly experienced testers that treat each test with the...
Domain Name Monitoring: be proactive, not reactive
The first half of 2021 saw a large number of domain name-related attacks. ICANN (the global domain regulator) identified 6,124,060 domain name security threats. Most major Australian brands experienced some form of domain name abuse, we even saw AuDA (the Australian domain...
Bug: Hackers could spy on Google, AWS DNS traffic
Security firm Wiz, announced that they had discovered a simple loophole that allows the interception a portion of dynamic DNS traffic from all Internet traffic that was routed through managed DNS providers such as Google and Amazon.
This bug gives anyone the ability to see...
Let’s Encrypt exploited for fraudulent SSL certificates
A Security shortcoming in the mechanism used by Let’s Encrypt to validate web domain ownership create a loophole that allow cybercriminals to get digital certificates for domains more easily.
A team of researchers led by Haya Shulman, director of the Cybersecurity Analytics...
SPF records, from nice to have to must have
SPF records are critical to all businesses, small to enterprise. Have you ever received an email that looks like it is from a Bank but it is actually from a spammer posing as the Bank? This is called a “spoof” email, because it’s quite easy to fake the...
Registry Lock to Prevent Domain Hijacking
What is domain hijacking?
Domain name hijacking is when an unauthorized third party, often a hacker, gains control of a company’s domain name portal and seizes control over their DNS system, enabling them to make unauthorized changes and transfers.
What happens when a...
Portal Security: The Basics
Domain password security – the basics
Hackers use basic hacks and social engineering techniques to obtain, or figure out, passwords that do not follow best practice configurations. It is crucial that you as a user are following best practice password management to...