Good practices to ensure that your domain that isn't used for email can't be used by spammers.

#domain #dns

https://www.spamresource.com/2025/10/ask-al-57-protecting-parked-domains.html

Welchen Unterschied macht es denn wenn ich entweder bei #Yunohost Subdomains anlege oder diese bei Hetzner anlege?
Aktuell habe ich für Yunohost selbst eine Subdomain eingerichtet yunohost.domain.org
Wenn ich nun eine Applikation installieren möchte, lege ich davor bei Hetzner eine Subdomain z.B. grocy.domain.org an.
Allerdings könnte ich ja auch unter Yunohost meine Hauptdomain domain.org angeben und für alle Applikationen bei Yunohost selbst Subdomains basierend auf meiner Hauptdomain angeben.
Gibts da einen Unterschied, bzw Vor- oder Nachteile?

#domain #dns

It's annoying to wake up Friday motivated to wrap up your week's threat hunting, but instead getting derailed because a quick Google search gives you extra work...

All we wanted to do was make an address change... so a quick search for "o2 address change".

The top results were not to the official site but to 02support[.]info and 02official[.]com. sigh.

The one time there isn't an AI summary to scroll past, it is because there is a scam paying to replace it...

Here's some scans and images.

O2: https://urlscan.io/result/0199cdf0-688f-70ac-bae9-84cdf3d565fa
O2: https://urlscan.io/result/0199cdf0-6327-7531-969e-88adda6cf256
EE: https://urlscan.io/result/0199cdf0-8457-773c-8851-b3ecca7000f4
Tesco Mobile: https://urlscan.io/result/0196c3d2-5fdc-71bd-9d4d-89585de0559f
Vodafone: https://urlscan.io/result/01994ca7-3f24-7743-9aaf-d9a670f0fb01

#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #phishing #scam

Pig butchering scams - also called sha zhu pan - have gained a lot of attention over the last few years. People know these investment scams are connected to human trafficking, but it is less recognized how they relate to illegal gambling and offshore shell companies.

All of this fuels a massive criminal economy.

Thankfully, long-con scam operations on the internet often leave a strong DNS fingerprint. This enables us to connect physically identified scam compounds to domains - it's always the DNS! ;)

https://blogs.infoblox.com/threat-intelligence/pig-butchering-scams-and-their-dns-trail-linking-thr…

#dns #threatintelligence #shazhupan #crypto #cybersecurity #threatintel #pigbutchering #scam #infoblox

How about that… It WAS #DNS!🤡

I’ve been seeing intermittent latency issues on my #UniFi stats (not really feeling it, though…) and I was like „OK, Orange has some problems…”, but I guess it was all me.

Since I’ve dealt with shitty #AdGuard DNS config with semi-working #eu0 DNS servers as upstream, I haven’t seen any issues…

So… I guess it’s always DNS…😅

You can use #duckdb for #dns lookups. 🤯 Like I needed more odd usecases for duckdb. 😅

https://github.com/tobilg/duckdb-dns

Level up your packet analysis skills before SharkFest kicks off!

This hands-on, 2 day class will teach you how to capture, analyze, and troubleshoot real network traffic using Wireshark. It will also prepare you for the WCA exam.

What you’ll learn:
- How to capture and analyze live network traffic
- Key protocol deep dives (#TCP, UDP, HTTP, TLS, DNS, and more)
- Advanced display filtering and troubleshooting workflows
- Command-line analysis with #TShark

November 3–4 | Warsaw, Poland
Register now: https://sharkfest.wireshark.org/sfeu

#Wireshark #sf25eu #Networking #NetworkEngineering #DNS #UDP #WCA #NetworkAnalysis #Cybersecurity

This was a bit wild and I don't understand SEO or Google News well enough to grok the whole thing, but certainly got the DNS part lol.

An obviously fake news about Trump stimulus came across a phone but from Google - at least it seemed that way. I see these same fake stimulus lures all the time in the opt-in scam-riddled push systems, but this was surprising.

Turns out a University organization had let their domain lapse and it seems almost instantly picked up by bad dudes.

There are now a ton of fake articles with clickbait titles. But the articles all qualify in the middle that they are fake. There's no ads on the page. You can leave a comment and email - who would do that?

I saw other sites citing this "news", so clearly a web of some kind. but i am clearly missing something. How did Google send this out? Presumably leveraging the University domain reputation, but as an ad? What's the goal of all these mea culpa fake sites?

The one thing i know for sure, is don't drop your domain. that bad guy now has access to your emails.

#threatintel #dns #cybercrime #scam #seo #adtech #cybersecurity #infosec

So something really weird happened today. I received an abuse report for a dormant domain I have.

The report pointed to a CNAME subdomain pointing to [org].github.io. The org is still there, the repository that was serving that subdomain is still there, but accessing it led to a phishing page.

Anyone has seen anything like that? No activity on the github organisation, nothing on audit logs of the affected domain. Nothing makes sense.

#github #infosec #dns #cname #phishing