DomainTools2d ago

Our team at DomainTools Investigations (DTI) took a deep dive into the ZionSiphon malware sample(“SCADA_SecurityPatch_v8.4.exe”) that’s been circling in sandboxes since 2025.

Read our investigation here⬇️ http://dti.domaintools.com/research/threat-intelligence-report-zionsiphon
#Cybersecurity #ICS #Malware #InfoSec #DomainTools

DomainTools Investigations | Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both?

Analysis of ZionSiphon (SCADA_SecurityPatch_v8.4.exe), a .NET OT malware targeting Israeli water utilities. Discover its IOCs, targets, and flawed activation code.

KrebsOnSecurity RSSFeb 28

Who is the Kimwolf Botmaster “Dort”?

https://krebsonsecurity.com/2026/02/who-is-the-kimwolf-botmaster-dort/

#jacobbutler803@gmail.com #jay[email protected] #ConstellaIntelligence #Ne'er-Do-WellNews #osint.industries #ALittleSunshine #DDoS-for-Hire #Kimwolfbotnet #Breadcrumbs #domaintools #Dortsolver #Flashpoint #Minecraft #Intel471 #SpyCloud #CPacket #DortDev #Epieos #GitHub #Dort #M1CE #Qoft

Who is the Kimwolf Botmaster “Dort”? – Krebs on Security

DomainToolsOct 23, 2025

How do you uncover the infrastructure behind state sponsored ransomware? DomainTools analysts used domain risk scoring and pivots off of DNS artifacts to expose hidden connections between Russian-affiliated threat groups. Read the full investigation: https://dti.domaintools.com/mapping-hidden-alliances-russian-affiliated-ransomware/

#ThreatIntelligence #APT #Ransomware #DomainTools #CyberOps

bsidesnovaOct 11, 2025
Level up your cybersecurity with #BSidesNoVA *GOLD* sponsor, #DomainTools! 🛡️ They're the global leader in Internet intelligence, giving elite security teams the clear, real-time data they need to connect the dots and neutralize threats faster. #Cybersecurity #KnowNow https://www.domaintools.com/
KrebsOnSecurity RSSSep 11, 2025

Bulletproof Host Stark Industries Evades EU Sanctions

https://krebsonsecurity.com/2025/09/bulletproof-host-stark-industries-evades-eu-sanctions/

#StarkIndustriesSolutionsLtd #Russia'sWaronUkraine #PQHostingPlusS.R.L. #Ne'er-Do-WellNews #AndreyNesterenko #ALittleSunshine #LatestWarnings #RecordedFuture #WorkTitansB.V. #IvanNeculiti #MisfitsMedia #YoussefZinad #YuriNeculiti #domaintools #MIRhosting #PQHosting #WTHosting #AS209847

Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security

ITSEC NewsSep 11, 2025
Bulletproof Host Stark Industries Evades EU Sanctions - In May 2025, the European Union levied financial sanctions on the owners of Stark ... https://krebsonsecurity.com/2025/09/bulletproof-host-stark-industries-evades-eu-sanctions/ #starkindustriessolutionsltd #russiaswaronukraine #pqhostingpluss.r.l. #neer-do-wellnews #andreynesterenko #alittlesunshine #latestwarnings #recordedfuture #worktitansb.v. #ivanneculiti #misfitsmedia #youssefzinad #yurineculiti #domaintools #mirhosting
Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security

KrebsOnSecurity RSSAug 26, 2025

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

https://krebsonsecurity.com/2025/08/dslroot-proxies-and-the-threat-of-legal-botnets/

#prepaidsolutions@yahoo.com #InternetofThings(IoT) #ConstellaIntelligence #incorptoday@gmail.com #ryzhik777@gmail.com #ALittleSunshine #AliaksandrHolas #DomainTools.com #GlobalSolutions #LatestWarnings #WebHostingTalk #BlackHatWorld #Breadcrumbs #AndreiHolas #Incorptoday #LloydDavies #USProxyKing #Sacapoopie #RevEng.ai #Intel471 #DSLRoot #Reddit

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security

ITSEC NewsAug 26, 2025
DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ - The cybersecurity community on Reddit responded in disbelief this month when a sel... https://krebsonsecurity.com/2025/08/dslroot-proxies-and-the-threat-of-legal-botnets/ #prepaidsolutions@yahoo.com #internetofthings(iot) #constellaintelligence #incorptoday@gmail.com #ryzhik777@gmail.com #alittlesunshine #aliaksandrholas #domaintools.com #globalsolutions #latestwarnings #webhostingtalk #blackhatworld #breadcrumbs #andreiholas #intel471
DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security

KrebsOnSecurity RSSAug 6, 2025

Who Got Arrested in the Raid on the XSS Crime Forum?

https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/

#AntonGannadievichMedvedovskiy #AntonViktorovichAvdeev #ConstellaIntelligence #toschka2003@yandex.ru #Ne'er-Do-WellNews #DomainTools.com #paranoidlab.com #SergeiiVovnenko #TheComingStorm #Breadcrumbs #LockBitSupp #Ransomware #exploit.in #Flycracker #DaMaGeLaB #Hack-All #Intel471 #xss[.]is #9588693 #Europol #LockBit #N0klos #Qiliin #Conti #rEvil #Sonic

Who Got Arrested in the Raid on the XSS Crime Forum? – Krebs on Security

ITSEC NewsAug 6, 2025
Who Got Arrested in the Raid on the XSS Crime Forum? - On July 22, 2025, the European police agency Europol said a long-running investiga... https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/ #antongannadievichmedvedovskiy #antonviktorovichavdeev #constellaintelligence #toschka2003@yandex.ru #neer-do-wellnews #domaintools.com #paranoidlab.com #sergeiivovnenko #thecomingstorm #breadcrumbs #lockbitsupp #ransomware #exploit.in #flycracker #damagelab #sbu
Who Got Arrested in the Raid on the XSS Crime Forum? – Krebs on Security