Closed Door Sessions

May 7 | San Francisco
10 AM – 1 PM

Researchers from Infoblox, Cyware, and DomainTools will present on active threat intelligence campaigns that have not been publicly disclosed and emerging threats. The event is invite-only.

Sessions

TimeSessionPresenter
10:15 – 11:00 a.m. PDTDistinguishing VexTrio’s Robot Captcha Campaigns

TLP:RED

Chris Kim
Staff Threat Researcher
Infoblox
11:00 – 11:45 a.m. PDTThe Criticality of Standardization in Cybersecurity AI Systems

TLP:CLEAR

Jason Keirstead
VP Collective Threat Defense
Cyware
11:45 a.m. – 12:30 p.m. PDTThe Resurgence of the “Manipulaters” Team – Breaking HeartSenders

TLP:RED

Sean McNee
VP Security Research
DomainTools

This event is going to showcase research from various threat intelligence teams and due to privacy concerns any information that is disclosed is not to be disseminated.

Latest from the DomainTools Research Team

From USPS package redelivery phishing attacks, to the resurgence of Manipulaters, the DomainTools Research Team unearths malicious campaigns with DNS at the epicenter.

New Leader Named in Evil Corp
Blog

Hostile Takeover: A History of Evil Corp after a Leader is named by Law Enforcement

tl;dr The threat group known as Evil Corp has shown they have resilience as they continue to iterate and regroup in an effort...
A digital illustration of a bright blue light source emitting waves and beams, surrounded by vertical lines of binary code against a dark blue background, creating a futuristic ambiance.
Blog

The Resurgence of the “Manipulaters” Team - Breaking HeartSenders

The Pakistan-based “Manipulaters” (their corruption of the word “manipulators”) represent a notorious and, in some...
Abstract digital background with glowing blue lines and dots representing connectivity and data flow on a dark backdrop, ideal for highlighting the importance of being vigilant about US Postal Service phishing during the holidays.
Blog

Merry Phishmas: Beware US Postal Service Phishing During the Holidays

For Cybercriminals, the Season of Giving is a Season for Taking  Special note: A podcast is available on this topic,...
Blog

Return to Sender - A Brief Analysis of a US Postal Service Smishing Campaign

In recent weeks there has been a noticeable uptick in campaigns targeting the US Postal Service (USPS) as an institution,...
Blog

The Most Prolific Ransomware Families: 2023 Edition

The ransomware landscape has changed significantly since our last post, in which we identified the most prevalent cybercrime...
Abstract network graphic with interconnected nodes and lines on a dark background, featuring glowing pink and blue dots and links suggesting digital connectivity in the context of financial advisor impersonation.
Blog

Update: Financial Advisor Impersonation Ring Targets FINRA

Escalation in Financial Advisor Impersonation Tactics DomainTools Research continues to track a well-organized financial...
Planet with green codes
Blog

No Blocking, No Issue: The Curious Ecosystem of Financial Advisor Impersonation Scams

Introduction An increasingly common and highly effective fraud technique known as “pig butchering” uses a complex web...
malicious detections background
Blog

Purpose Built Criminal Proxy Services and the Malicious Activity They Enable

Obfuscation of Malicious Behavior It is both natural and expected that industries grow, evolve, and increase their sophistication,...
Crypto winter fraudsters impersonate ukraines government to steal nfts and cryptocurrency
Blog

Crypto Winter: Fraudsters Impersonate Ukraine’s Government to Steal NFTs and Cryptocurrency

Introduction With winter approaching and Ukraine’s critical infrastructure repeatedly targeted by Russian missiles, impersonating...
Crypto Hero
Blog

Crypto Phishing and Credential Stealer Footprint Continues to Expand

DomainTools Research Uncovers Additional Infrastructure Related to Recent Malware Campaigns Targeting Windows & Android...
The State of Threat Hunting
Blog

The State of Threat Hunting

As you undoubtedly know, Security Operations Centers (SOCs) are increasingly turning to threat hunting to help security teams...
Black background with a planet and codes
Blog

A Sticky Situation Part 2

In May 2022, we reported on the Caramel skimmer-as-a-service and how the proliferation of online credit card skimmers support...