惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

U
Unit 42
C
Cybersecurity and Infrastructure Security Agency CISA
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Know Your Adversary
Know Your Adversary
S
Securelist
I
Intezer
AWS News Blog
AWS News Blog
L
LINUX DO - 热门话题
P
Privacy International News Feed
Recent Announcements
Recent Announcements
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
博客园 - 聂微东
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Attack and Defense Labs
Attack and Defense Labs
N
News and Events Feed by Topic
The GitHub Blog
The GitHub Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
Schneier on Security
Schneier on Security
N
Netflix TechBlog - Medium
爱范儿
爱范儿
B
Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
CERT Recently Published Vulnerability Notes
Hacker News: Ask HN
Hacker News: Ask HN
Google DeepMind News
Google DeepMind News
Engineering at Meta
Engineering at Meta
Blog — PlanetScale
Blog — PlanetScale
WordPress大学
WordPress大学
S
Secure Thoughts
K
Kaspersky official blog
N
News | PayPal Newsroom
O
OpenAI News
Last Week in AI
Last Week in AI
C
Check Point Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Cyberwarzone
Cyberwarzone
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Tor Project blog
大猫的无限游戏
大猫的无限游戏
Vercel News
Vercel News
D
Docker
Hugging Face - Blog
Hugging Face - Blog
T
Threat Research - Cisco Blogs
Cisco Talos Blog
Cisco Talos Blog
The Register - Security
The Register - Security
博客园 - 司徒正美
Martin Fowler
Martin Fowler
人人都是产品经理
人人都是产品经理
P
Palo Alto Networks Blog

DomainTools Investigations

DomainTools Investigations | Threat Intelligence Report: The Pro-Iran Hacktivist Ecosystem 2026 Eighteen Newsletters and a Dozen Roses Threat Intelligence Report: Nation-State Targeting of Water Systems 2024–2026 The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation Threat Intelligence Report: Russia, Router, DNS, and Messaging-Layer Collection Operations SecuritySnack - Hijacking Corporate Sessions Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both? Threat Intelligence Report: The SDA / Structura / Doppelgänger, Influence Operations, Infrastructure, Reach, and Potential Edge of Seventeen (Newsletters) Cybersecurity Reading List - Week of 2026-06-01 Chinese Malware Delivery Domains Part II: Data Collection Cybersecurity Reading List - Week of 2026-05-04 Sixteen going on Seventeen Newsletters DPRK Contagious Interview: Developer Workflow Compromise The AI Frame Campaign Continues MOIS Linked MOIST GRASSHOPPER / Homeland Justice / KarmaBelow80 / Handala Hackers / Campaigns and Evolution Fifteen (Newsletters) On A Skateboard Handala: MOIS Linked Cyber Influence Ecosystem Threat Intelligence Assessment DPRK Malware Modularity: Diversity and Functional Specialization SecuritySnack - OpenAI Anti-Ads Malware Exposure of TLS Private Key for Myclaw 360 in Qihoo 360 “Security Claw” AI Platform SecuritySnack - CloudFlare Anti-Security For Phishing Fourteen Newsletters and Fifteen Winters Cybersecurity Reading List - Week of 2026-03-02 Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026 SecuritySnack - Idolized Crypto Scams Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign Seven Nation Newsletter: I'm goin' to Wichita! Guess who's back, back again? DTI’s back, tell a friend! CTI Grapevine Becomes DomainTools Investigations Thirteen Silver Newsletters Newsletter Number 9, Keep On Movin' Down The Line Eight Days a Newsletter: I lo-o-o-ove research! Newsletter No. 5: A Little Bit of Research in my life… Tenth Newsletter Freeze-Out Newsletter 11 Could Take Forever 1, 2, 3, 4 Tell Me That You Love Newsletters It's 6’n the Mornin’ (and my Newsletter at your door!) DT Investigations - Security Research for the Community March 2025 DTI Newsletter: I Like Newsletters and I Cannot Lie
Cybersecurity Reading List - Week of 2026-04-06
DomainTools · 2026-04-07 · via DomainTools Investigations

“The old world is dying, and the new world struggles to be born; now is the time of monsters” - so spoke Italian political theorist Antonio Gramsci nearly one hundred years ago. Or, to be more accurate, around 1930 Gramsci wrote:

La crisi consiste appunto nel fatto che il vecchio muore e il nuovo non può nascere: in questo interregno si verificano i fenomeni morbosi piú svariati.

which has been translated directly as:

The crisis consists precisely in the fact that the old is dying and the new cannot be born; in this interregnum a great variety of morbid symptoms appear.

The vigilance of defenders and investigators often focuses on monsters, typically ones easy to classify and thus easy to articulate wins to management. 

What would our industry look like if instead, we triaged the morbid symptoms of our environments, of our systems? Fighting dragons feels more satisfying than covering fundamentals. How do we frame the problem, get exec on-side, but more importantly, how do we continue to motivate ourselves in a world so seemingly full of morbid symptoms, most outside our control? 

Answers usually don’t survive first contact with reality. For my part, I fall back on a mindfulness of effort. As I plan and execute, my work of 2026 includes asking myself over and over, “Am I chasing monsters, or is there an underlying morbid symptom here that means monsters spawn less, or elsewhere?”

By the way, this is a discussion on impact.

Articles

Image above from Kentik post identifying distinct shutdown phases.

We’ve been busy little gremlins, recently, and our ability at DomainTools Investigations to remain timely and relevant despite being a scrappy little team continues to make me deeply proud. From us over the past month or so:

Research Papers and Reports

Tools and Resources

Cybersecurity Reading List - Week of 2026-06-01

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

SecuritySnack - Hijacking Corporate Sessions

A sophisticated AiTM phishing kit bypassing traditional MFA to steal Microsoft 365 session cookies. Get the full breakdown and IOCs.

Cybersecurity Reading List - Week of 2026-05-04

Systems thinking, biolistics, and the danger of mop-up science in infosec — plus this month's reading on ransomware, RPKI exploits, cPanel, and LLM pollution.