DomainTools

@DomainTools@infosec.exchange
819 Followers
168 Following
556 Posts
A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
Websitewww.domaintools.com
Twitterhttps://twitter.com/DomainTools
Podcasthttps://www.domaintools.com/resources/podcasts/
DomainTools2d ago
New SecuritySnack: How attackers are abusing CloudFlare to hide M365 phishing campaigns. 🛡️➡️⚔️
Read the technical breakdown here: https://dti.domaintools.com/securitysnacks/securitysnack-cloudflare-anti-security-for-phishing
#CyberSecurity #Phishing #CloudSecurity #Infosec
DomainTools Investigations | SecuritySnack - CloudFlare Anti-Security For Phishing

A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.

DomainTools3d ago

We’re heading back to Lille for #FIC2026 🇫🇷

Catch us on April 2 at 2:00 PM to see how security teams are getting real-time insight into malicious infrastructure and staying ahead of attackers.

đź“… Book time: https://calendar.app.google/eNsysJgTdz7b4ab56

Book a Meeting with DomainTools at FIC 2026

DomainTools4d ago
Stop responding to threats and start predicting them. 🛑 Find us at #RSAC to see how our new Real-Time Threat Feeds can help you identify malicious infrastructure before it’s weaponized.
Schedule a meeting with the DomainTools team in SF ⬇️
https://www.domaintools.com/events/rsac-2026
DomainTools | RSA Conference 2026

DomainToolsMar 5
One last February note 💌 The latest Daniel Schwalbe newsletter is here, featuring the DTI team’s latest analysis! Read it here👇 https://dti.domaintools.com/newsletters/fourteen-newsletters-and-fifteen-winters
Fourteen Newsletters and Fifteen Winters - DomainTools Investigations | DTI

Learn how Lotus Blossom (G0030) weaponized Notepad++ updates. Plus, a deep dive into 250+ crypto scam domains and upcoming BSides San Francisco sessions.

DomainToolsMar 2
📰DTI’s latest research dives into the dev-ops of disinformation campaigns. Read our investigation into the Doppelgänger / RRN disinformation ecosystem here 👇
https://dti.domaintools.com/research/doppelganger-rrn-disinformation-infrastructure-ecosystem
DomainTools Investigations | Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026

Analysis of the Doppelgänger / RRN disinformation ecosystem. Learn how this DevOps-style infrastructure uses automated media impersonation, TLD rotation, and cloud-native hosting to target global audiences and evade enforcement.

DomainToolsFeb 25
From fake BTC “doublers” to wallet-draining presale sites, DTI uncovered a crypto scam network spanning ~250 domains impersonating public figures like Elon Musk and President Donald Trump.
Read the investigation ⬇️ https://dti.domaintools.com/securitysnacks/securitysnack-idolized-crypto-scams
#Cybersecurity #Scams #Crypto #Infosec
DomainTools Investigations | SecuritySnack - Idolized Crypto Scams

An analysis of an active cryptocurrency scam operation impersonating Trump, Musk, and Truth Social across 250+ domains — uncovering shared wallet infrastructure, on-chain laundering pipelines, and the tactics used to fake legitimacy.

DomainToolsFeb 11

🪷 The Petals of Espionage: DomainTools Investigations’ latest research analyzes the “who” ,“how”, and “why” behind Lotus Blossom’s compromise of Notepad++.

Read the investigation: https://dti.domaintools.com/research/lotus-blossom-and-the-notepad-supply-chain-espionage-campaign

DomainTools Investigations | Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign

How Lotus Blossom (G0030) compromised the Notepad++ update pipeline in a precision supply-chain espionage campaign targeting high-value organizations.

DomainToolsFeb 11
It’s Day # 2 of #AFCEAWest, and DomainTools Federal is here at the San Diego Convention Center. Stop by Booth # 2309 to talk to our team about how we give you the offensive edge against state sponsored adversaries.
DomainToolsFeb 10
DomainTools Federal is at #AFCEAWest at the San Diego Convention Center! Stop by Booth # 2309 to learn how we’re giving bad actors more bad days.
DomainToolsJan 30
Targeting the Talent: The Rise of "Phishing Interviews" 🎣
Job seekers are the latest target in scams uncovered by the DomainTools Investigations (DTI) team. Read our investigation here: https://dti.domaintools.com/securitysnacks/securitysnack-phishing-interviews
#CyberSecurity #ThreatIntel #Phishing #JobHunt
DomainTools Investigations | SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.