🖐 Le rapport 2024-2025 du service de médiation de l'Afnic est disponible !

Ce service complète les procédures SYRELI et PARL Expert.

📊 Bilan :

✅ En plein essor → +36,6 % de demandes entre 2024 et 2025
✅ Efficace → 63 % des médiations ouvertes ont abouti à un accord
✅ Rapide → 3 jours ouvrés en moyenne pour parvenir à un accord

📄 Rapport complet : https://www.afnic.fr/observatoire-ressources/actualites/le-service-de-mediation-de-lafnic-confirme-son-efficacite/

#Afnic #InternetMadeInFrance #NomDeDomaine #DNS #Cybersécurité #Phishing #Cybersquatting #SouverainetéNumérique

🏆 853 000 noms de domaine en .fr ont été enregistrés en 2025, confirmant le dynamisme du numérique français.

Mais cette croissance s’accompagne d’un enjeu clé : la lutte contre les abus : #phishing, #cybersquatting, #usurpation

👉 L’Afnic lance une “vitrine des abus” pour renforcer la #transparence et mieux comprendre les tendances, avec des données trimestrielles sur les abus liés aux NDD en .fr.

Pour consulter ces éléments 🔗 https://www.afnic.fr/observatoire-ressources/observatoire/vitrine-abus/

#Afnic #DNS #Cybersécurité #Numérique

Fun #SitecoreLunch today! Discussed:

📺 Old TV
🎙️ Podcasts
🤑 #GoogleUCP
🦦 #EmmetOtter
🤖 AI commerce
🖥️ #Cybersquatting
🔎 #AEO & #GEO tips
♾️ AI prompt generator
🛍️ #SitecoreOrderCloud
🌍 #SUGCONEU in London
🏰 #BuckinghamPalace tour
🏃‍ AI-generated sprint planning

See you same time next week! 🥪🥗

The milords of Delhi HC present, yet another banger!: Mandatory #eKYC of #DomainNameRegistrations in #India!

https://www.medianama.com/2025/12/223-delhi-high-court-e-kyc-verification-website-domain-name-registrations/

Excuse this time: #Cybersquatting, #Typosquatting!

Salient details:
- MANDATORY for DNRs in India
- Registrars MUST collect and retain personal ID, IP & activity logs SECURELY!
- DISABLE default WHOIS PROTECTION!
- Details to be supplied within 72hrs of order by enforcement agencies (no warrant?)
- No more complementary emails!

[1/4]

@internetfreedom

Back in April 2020, Elise Thomas fell into a rabbit hole with Danish Satanist Biohackers and she wrote this excellent thread on X https://threadreaderapp.com/thread/1253318042001367040.html, detailing her descend. The update I'm writing below, tells you some of what has happened since then.

In October 2021 journalist https://bsky.app/profile/frederikkulager.bsky.social wrote an article in Danish about this user, detailing his connection to the Bill Gates Microchip conspiracy theory, and how he had tried to bamboozle https://bsky.app/profile/luciengreaves.bsky.social (article: https://www.zetland.dk/historie/segJ4JyJ-aOZj67pz-9950e). Shortly after publishing, the user changed his name, and made the BEZH IG and X accounts protected. But he wasn't done yet.

He doubled down on another project: https://twitter.com/@.terror_alarm. According to himself it's the "World's First Strategist Agentic AI". There's a website, an X account, a bsky account, a Telegram channel, and Facebook page. The Facebook page is interesting, because when that page was created, it was called "ISIS Alarm" (https://files.catbox.moe/dt4226.png). And look, the Terror Alarm X account used to be called isisalarm_com (https://files.catbox.moe/rmqweh.png).

For additional proof, consider the Google Play Store entry for the app with package ID com.isis.alarm (https://files.catbox.moe/nh00ta.png), promoted by various accounts on twitter. including Terror Alarm, from back when it was called isisalarm_com: https://files.catbox.moe/khz5e3.png. That app was published by BEZH, the Danish BiChip company.

So BEZH is now behind @.terror_alarm, a pro-Israeli account that also dables in drones, and other more or less dubious and non-existing ventures. Jared Kuschner and Joe Rogan follows the account, https://files.catbox.moe/csbdby.png

The owner seemingly likes to repurpose old Twitter accounts with new handles, and new exciting ventures. Which other ones might this person be repurposing? We know enjavi_com used to belong to him. Finding an old wayback machine entry, shows a link to a Periscope channel (https://files.catbox.moe/0qu2d0.png). Opening that link today, takes you to the periscope channel of @.katbunos (https://files.catbox.moe/gfqu4t.png).

So the account formerly known as enjavi_com and armyofthechrist, was renamed again, and is now called @.katbunos, cybersquatting on @.katbuno, a gamestreamer with 11m subscribers on YT.

#misinformation #cybersquatting #TerrorAlarm #SallyEnjavi #SimonSallyenjavi #BEZH #isisalarm #bichip #bichipcoin

HACKLOG 2x14 - Attacchi al Dominio Web e Domain Hijacking (Cyber/Typosquatting, Enumerazione)

https://peertube.uno/w/iKvZc2jxebfcw87bwk8Kr2

🤨 They’re wanting $14,000 for this

Porkbun Marketplace: The domain microsoft.zip is for sale.
#Cybersquatting #DomainSquatting
https://microsoft.zip/

"#Slopsquatting is a type of #cybersquatting. It is the practice of registering a non-existent software package name that a large language model (#LLM) may hallucinate in its output, whereby someone unknowingly may copy-paste and install the #software package without realizing it is #fake."

https://en.wikipedia.org/wiki/Slopsquatting

A wild ZWSP appears!

In case you’re not fluent in Unicode and percent-encoding: %E2%80%8B is a zero-width-space, an invisible character which helps set line-breaks correctly.

It seems that broken links with ZWSPs or unicode control characters like the left-to-right mark are a widespread problem, opening a door to cybersquatting.

Or may I suggest the name ‘typography squatting’?

#Signal #SignalApp #Android #Google #PlayStore #GrapheneOS #GitHub #TypoSquatting #CyberSquatting #TypographySquatting #InfoSec #Security #CyberSecurity

🚨 Fake Booking.com phishing pages used to deliver malware and steal data
⚠️ Attackers use #cybersquatting, mimicking Booking website to create legitimate-looking phishing pages that trick users into executing malicious actions.
Leveraging #ANYRUN's interactivity, security professionals can follow the entire infection chain and gather #IOCs.

👨‍💻 Case 1: The user is instructed to open the Run tool by pressing Win + R, then Ctrl + V to paste the script, and hit Enter. This sequence of actions executes a #malicious script that downloads and runs malware, in this case, #XWorm.
Take a look at the analysis: https://app.any.run/tasks/61fd06c8-2332-450d-b44b-091fe5094335/?utm_source=mastodon&utm_medium=post&utm_campaign=fake_booking&utm_term=060325&utm_content=linktoservice

🔍 TI Lookup request to find domains, IPs, and analysis sessions related to this campaign:
https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=fake_booking&utm_content=linktoti&utm_term=060325#%7B%2522query%2522:%2522domainName:%255C%2522mktoresp.com%255C%2522%2520AND%2520domainName:%255C%2522booking.*.%255C%2522%2522,%2522dateRange%2522:30%7D%20%20

🎯 Use this search query to find more examples of this fake #CAPTCHA technique and enhance your organization's security response:
https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=fake_booking&utm_content=linktoti&utm_term=060325#%7B%2522query%2522:%2522commandLine:%5C%2522

👨‍💻 Case 2: In this scenario, threat actors aim to steal victims’ banking information. It’s a typical phishing site that mimics Booking website and, after a few steps, prompts users to enter their card details to ‘verify’ their stay.
See example: https://app.any.run/tasks/87c49110-90ff-4833-8f65-af87e49fcc8d/?utm_source=mastodon&utm_medium=post&utm_campaign=fake_booking&utm_term=060325&utm_content=linktoservice

📌 A key domain in this campaign, Iili[.]io, was also used by #Tycoon2FA #phishkit.
🔍 Use this TI Lookup query to find more examples:
https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=fake_booking&utm_content=linktoti&utm_term=060325#%7B%2522query%2522:%2522domainName:%255C%2522bzib.nelreports.net%255C%2522%2520AND%2520domainName:%255C%2522xpaywalletcdn.azureedge.net%255C%2522%2520AND%2520domainName:%255C%2522cdnjs.cloudflare.com%255C%2522%2520AND%2520domainName:%255C%2522xpaycdn.azureedge.net%255C%2522%2520AND%2520domainName:%255C%2522iili.io%255C%2522%2522,%2522dateRange%2522:180%7D%20

Investigate the latest #malware and #phishing attacks with #ANYRUN 🚀

#cybersecurity #infosec