BinPack supports updated SecTools.org 125 list
Last week Fyodor released the results of the top security tools poll at sectools.org. BinPack has always had a ‘sectools100’ list for quick install of these applications into your system. With the new results out, we synced the list and created a ‘sectools125’ list. Download the text file and put it in the ‘lists’ directory to access the sectools125 list. Enjoy!
Doppelganger Domains in the News!
After the Wired.com article was posted on September 8th, it spread pretty quickly to other news sites and on twitter. Here are a bunch of links to other sites’ coverage of our research.
- CNN.com – E-mail typos result in 20GB of stolen data
- Slashdot.org – Researchers’ Typosquatting Stole 20 GB of E-Mail
- Gizmodo.com – How Researchers Stole 20GB of E-Mail from Fortune 500 Companies
- ArsTechnica.com – Researchers’ typosquatting snarfed 20GB of Fortune 500 e-mails
- Net-Security.org – Researchers steal 20GB of corporate emails via doppelganger domains
- DomainNameWire.com – Doppelganger Domains. Oh, My.
- GCN.com – How ‘doppelganger domains’ steal data from e-mail
- TheRegister.co.uk – Typo-squatting domains can harvest corporate emails
- MSNBC.com – Researchers easily harvest emails from Fortune 500 companies
- DomainRegistration.com.au – Doppelganger Domain Names Yet Another Online Threat For Business
The amount of debate this research generated was also interesting to see. Wired, CNN, and of course Slashdot among others all had lively discussions going on. I’m actually glad the research generated this type of interest, and hopefully companies will take the needed steps to address the issue and protect themselves.
Wired.com Article on Doppelganger Domains
Kim Zetter from Wired.com posted a great article today about Doppelganger Domains called “Researchers’ Typosquatting Stole 20 GB of E-Mail From Fortune 500“.
Two comments to add:
- All the original data that was collected during the research period has been deleted.
- If companies want to find out if they are vulnerable to Doppelganger Domains, we can perform a scan on your domain(s). The request form is on the same page as the Doppelganger Domain whitepaper.
Doppelganger Domain Whitepaper Released
We just posted a whitepaper on Doppelganger Domains. Stay safe out there!
Presenting at ToorCon 13
I just got word that we will be presenting on Doppelganger Domains at this year’s ToorCon! We are super excited and we will have some interesting examples to share, so make sure you don’t miss our presentation.
