Internet

A new campaign uses mass registration of fake online shop domains to impersonate legitimate retailers, facilitate financial fraud, and in certain instances, distribute malware through counterfeit checkout systems and redirect payloads.

Identified by the research division of BforeAI, analysis of the campaign’s registration and DNS telemetry indicates a well-structured operation with distinct clusters, primarily originating from Chinese infrastructure providers and utilizing domain privacy services to obscure attribution.

New analysis from enterprise-class domain registrar CSC reveals that for the past three years, seasonal IP infringements have risen sharply in Q4 and remained elevated through January, when post-holiday sales draw heavy consumer traffic.

The combination of high demand, gift-driven impulse buying, and deep discounting creates a perfect environment for cybercriminals to ply their trade. Over the holidays, fraudsters set up fake websites and lookalike domains impersonating legitimate brands.

A new study reveals the extent to which medical professionals’ personal information is publicly available online, leaving them vulnerable to stalking and other forms of threats.

The report from data privacy and personal data removal service Incogni looks at 768 medical department heads from major US hospitals to see what personal information is publicly accessible and shows some concerning results.

Tor (The Onion Router) is switching its encryption algorithm to help boost security and privacy. The change is being introduced to protect users against certain types of attack, and sees the browser adopting a new “research-backed new design” called Counter Galois Onion.

The algorithm that is being updated is the one used to encrypt user data as it travel across a circuit via multiple relays. In making the switch, Tor concedes that its previous encryption design “looks funny”, hence the need to replace it.

Retailers aren’t the only ones to want to make the most of Black Friday, it’s a boom time for scammers too. New analysis by Check Point reveals that one in 11 newly registered Black Friday-themed domains is classified as harmful.

October saw 158 new Black Friday related domains, a 93 percent increase over the 2025 monthly average. Early November intensified that growth, with more than 330 new related domains appearing in only the first 10 days.

You may have noticed that yesterday ChatGPT, X and a number of other websites -- including BetaNews for a while -- were unavailable due to an issue with online security service Cloudflare. So what went wrong?

According to the company the problem occurred after a configuration file designed to handle threat traffic did not work as intended and ‘triggered a crash’ in its software handling traffic for its wider services.

A new survey from Bitdefender, of more than 7,000 consumers worldwide, finds that 14 percent of respondents (one in seven) report falling victim to scams in the past year, with an additional four percent unsure.

Based on an average scam loss of $545, that equates to over $534,000 lost among survey participants alone. The US led in scam victims at 17 percent, followed by the UK (16 percent) and Australia (16 percent), while France had the lowest at 11 percent.

A new report from digital trust provider DigiCert highlights an unprecedented surge in distributed denial-of-service (DDoS) attacks that reached ‘internet tsunami’ scale, with two events peaking at 2.4 Tbps (terabits per second) and 3.7 Tbps respectively.

Attack traffic increasingly originates from regions where digital infrastructure is outpacing regulation, with Vietnam, Russia, Colombia, and China ranking among the top five sources.

New poll data reveals that 89 percent of respondents say access to public web data is critical for ensuring a fair and competitive AI market.

The survey carried out at this year’s OxyCon web intelligence event shows organizations are getting worried they are losing access to precious web data, robbing them of the ability to make the AI of the future as democratic as possible. 64 percent of respondents say their organisations has been blocked from more websites than a year ago.

According to a survey of over 1,000 US consumers conducted on behalf of brand visibility platform Yext, just 11 percent trust the first tool they use when searching online, meaning nearly nine out of 10 double-check or expand their results elsewhere.

The research suggests the age of one-stop search and shop is ending and Americans are increasingly blending traditional search engines with AI tools, social media, and review sites to make purchase decisions.

We know that the UK’s Online Safety Act has had a number of consequences including a surge in interest in the use of VPNs. But VPNs aren’t the only things that have seen greater interest.

New research from Comparitech shows more people are searching for fake IDs, how to access the dark web, and torrenting services. The company has recorded a 56 percent increase in impressions for blog posts related to the law and guides to using VPNs as a means of accessing restricted content.

Check Point is launching a new Enterprise Browser, extending zero trust security to unmanaged devices like BYOD, contractors, and third-party partners.

The new feature, available to Check Point Harmony SASE customers from today, delivers full visibility, granular policy enforcement, and compliance-ready data protection without persistent agents or endpoint ownership.

Phishing emails often feature malicious links (URLs) that lead victims to fake websites
where they are infected with harmful software or tricked into giving away personal
information.

There’s a constant battle between security tools getting better at identifying bad links and attackers trying to hide them more effectively. Barracuda has uncovered some of the latest approaches its researchers are seeing in attacks involving the advanced phishing-as-a-service (PhaaS) kit, Tycoon.

For the second consecutive quarter sales of .AI domain names have surged -- with a quarterly record of $4.5 million in volume in the last quarter (up from $3.48 million in the first quarter of this year) as demand for artificial intelligence-related branding accelerates.

The latest Domain Investment Index from online payments service Escrow.com reflects the embrace of AI. “Two huge tech trends are colliding here: the incredible uptake of AI in business and the realization that domains are the commercial real estate of the Internet,” says Escrow.com chief executive Matt Barrie.

Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as ‘Verified’ and ‘Chrome Featured’ provided by extension stores as a security indicator.

However, new research from SquareX points up architectural flaws in how browser security tools work which mean they’re unable to detect or prevent the latest advancements in malicious browser extension attacks.