Security insights and platform updates
Stay informed about the latest typosquatting trends, security best practices, and Have I Been Squatted news.
Announcing Email Intelligence for Microsoft 365
Email Intelligence ingests domain threat signals from Microsoft 365 mail into Have I Been Squatted lookups. Watchdog adds sender domain blocks in the tenant.
When a trusted trucking email delivers remote access
Attackers used what appears to be a compromised Microsoft 365 account at a US freight carrier, sent Bill of Lading phishing to business contacts, and used a PDF link to an S3-hosted EXE that silently installed a pre-configured N-able RMM agent.
Have I Been Squatted now integrates with Tines
Have I Been Squatted now integrates with Tines, so typosquat permutations, domain analysis data can run directly inside investigation stories.
Typosquatted domains were early signals in the Trivy and LiteLLM attacks
In the TeamPCP supply chain campaign, lookalike domains were registered and certified days before malicious commits shipped—public signals defenders can monitor for.
Diesel Vortex: Inside the Russian cybercrime group targeting US & EU freight
Diesel Vortex is a Russian phishing-as-a-service group targeting freight and logistics companies across the US and Europe. This report details the group's infrastructure, tactics, and the 1,600+ credentials stolen from DAT Truckstop, Penske, EFS and Timocom.
Announcing certgrep
Today we officially launch certgrep, our second free public tool for the security community.