Shreshta Blog

We uncover badness.


Open Resolvers: Understanding security risks and best practices

An “open resolver” is a DNS server that accepts and resolves a domain name recursively for anyone on the internet. In this blog post, we will share the security risks of open resolvers and best practices. At the time of writing, there were 192920 open resolvers in India with recursion enabled. While most of these …

Open Resolvers: Understanding security risks and best practices Read More »

Phishing campaign targeting Github

Earlier this week, on 21st September, GitHub published a blog post – Security alert: new phishing campaign targets GitHub users The gist of it was, On September 16, GitHub Security learned that threat actors were targeting GitHub users with a phishing campaign by impersonating CircleCI to harvest user credentials and two-factor codes. While GitHub itself …

Phishing campaign targeting Github Read More »

Phishing Campaign – Adidas and Nike

Our threat intelligence platform – SDINET, ingests DNS data from various sources. Our security researchers have detected a phishing campaign wherein the adversaries have registered domain names impersonating brands such as Adidas and Nike. Adidas AG is a German multinational corporation, founded and headquartered in Herzogenaurach, Bavaria, that designs and manufactures shoes, clothing and accessories. …

Phishing Campaign – Adidas and Nike Read More »