DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams

DomainTools, the leader for Internet intelligence, today launched its Global Partner Program led by Tim Durant, the recently appointed Vice President, Global Channels and Alliances. 

Threat intelligence plays an increasing role in the Security Operations Center (SOC) as security teams struggle to cope with the rising threat landscape. The DomainTools Global Partner Program features the company’s best-in-class threat intelligence solutions, providing channel partners with the tools needed to help enterprise security teams proactively detect emerging threats and attackers lurking in their networks. 

According to Chris Nelson, Chief Revenue Officer at DomainTools, “We’re thrilled that Tim Durant has joined our executive team and to launch our new Global Partner Program. Tim brings more than 15 years of experience creating high-impact programs that build revenue through new partners, products/services and routes to market on a global scale. The channel is one of the key growth drivers for DomainTools and we’re excited for Tim to spearhead our channel strategy and growth, and to reinforce our commitment as a channel-first organization.” 

“Having worked with DomainTools since 2019, it’s great to see them bolster their commitment and investment into their channel business and partnerships like ours,” said Phil Higgins, CEO at Brookcourt Solutions, a leading UK-based IT services provider. “The data and products from DomainTools have allowed us to meaningfully enhance the security postures of dozens of firms. We look forward to building many further opportunities with DomainTools as a trusted partner.” 

The DomainTools Global Partner Program will expand existing channel relationships as well as build new partnerships across the globe. It offers a wide range of benefits to channel partners, including a generous and simple margin structure for new and renewal business, access to in-depth training, online deal registration, and joint promotional programs. 

“I’m eager to deepen our existing partner relationships and to expand our incredible partner ecosystem,” said Tim Durant. “DomainTools seeks to work with a wide variety of partners, from cybersecurity technology companies, to VARs, and MSSPs. Each of these partners brings specialized expertise and market knowledge, and we’re excited about the opportunity to not only expand their portfolio but also work together to help augment an organization’s limited threat intelligence resources.” 

In his new role, Tim will lead the DomainTools channel program and sales and revenue goals and will be responsible for go-to-market strategies within the diverse DomainTools partner ecosystem. Prior to DomainTools, Tim spent nearly a decade at Hitachi Vantara, where he was Sr. Director of Strategic Global Alliances. 

The post DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams appeared first on IT Security Guru.

Transacting in Person with Strangers from the Internet

Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that don’t deserve to end up in a landfill. But when dealing with strangers from the Internet, there is always a risk that the person you’ve agreed to meet has other intentions.

Nearly all U.S. states now have designated safe trading stations — mostly at local police departments — which ensure that all transactions are handled in plain view of both the authorities and security cameras.

These safe trading places exist because sometimes in-person transactions from the Internet don’t end well for one or more parties involved. The website Craigslistkillers has catalogued news links for at least 132 murders linked to Craigslist transactions since 2015. Many of these killings involved high-priced items like automobiles and consumer electronics, where the prospective buyer apparently intended all along to kill the owner and steal the item offered for sale. Others were motivated simply by a desire to hurt people.

This is not to say that using Craigslist is uniquely risky or dangerous; I’m sure the vast majority of transactions generated by the site end amicably and without physical violence. And that probably holds true for all of Craigslist’s competitors.

Still, the risk of a deal going badly when one meets total strangers from the Internet is not zero, and so it’s only sensible to take a few simple precautions. For example, choosing to transact at a designated safe place such as a police station dramatically reduces the likelihood that anyone wishing you harm would even show up.

I recently stumbled upon one of these designated exchange places by accident, hence my interest in learning more about them. The one I encountered was at a Virginia county sheriff’s office, and it has two parking spots reserved with a sign that reads, “Internet Purchase & Exchange Location: This Area is Under 24 Hour Video Surveillance”.

According to the list maintained at Safetradestations.com, there are four other such designated locations in Northern Virginia. And it appears most states now have them in at least some major cities. Safeexchangepoint.com also has a searchable index of safe trading locations in the United States and Canada.

Granted, not everyone is going to live close to one of these designated trading stations. Or maybe what you want to buy, sell or trade you’d rather not have recorded in front of police cameras. Either way, here are a few tips on staying safe while transacting in real life with strangers from the Internet (compliments of the aforementioned safe trading websites).

The safest exchange points are easily accessible and in a well-lit, public place where transactions are visible to others nearby. Try to arrange a meeting time that is during daylight hours, and consider bringing a friend along — especially when dealing with high-value items like laptops and smart phones.

Safeexchangepoint.com also advises that police or merchants that host their own exchange locations generally won’t get involved in the details of your transaction unless specified otherwise, and that many police departments (but not all) are willing to check the serial number of an item for sale to make sure it’s not known to be stolen property.

Of course, it’s not always practical or possible to haul that old sofa to the local police department, or a used car that isn’t working. In those situations, safetradestations.com has some decent suggestions:

  • Meet at a police station where you can exchange and photocopy each others’ identification papers, such as a driver’s license. Do NOT carry cash to this location.
  • Photocopy the license or identification paper, or use your phone to photograph it.
  • Email the ID information to a friend, or to someone trusted (not to yourself).
  • If you’re selling at home, or going to someone’s home, never be outnumbered. If you’re at home, make sure you have two or three people there — and tell the person who is coming that you will have others with you.
  • At home or an apartment, NEVER let someone go anywhere unaccompanied. Always make sure they are escorted.
  • Never let more than one group come to your home at one time to buy or sell.
  • Beware of common scams, like checks for an amount higher than the amount of the deal; “cashier’s checks” that are forged and presented when the bank is closed.
  • If you are given a cashier’s check, money order or other equivalent, call the bank — at the number listed online, not a number the buyer gives you — to verify the validity of the check.

DomainTools, Data, and Internet Safety

A part of the industry for around twenty years, DomainTools uses active and passive DNS (Domain Name System) data to create cybersecurity intelligence for its customers. Tim Durant, Vice President of Channels and Alliances, explained: 

“DNS is like the fingerprints or the activity on the internet. So we’re mapping all those fingerprints.”

With unique sets of data, providing a different picture of cyber threat infrastructure than that which is typically provided, governments, enterprises, and other cybersecurity companies all use DomainTools’s data.  

Senior Cybersecurity Consultant, Oliver Tonge, added to this: 

“One of the things we’ve done in the past is set up an account. Maybe there’s an incident around a particular brand; with access to such an account, [a customer] is able to get the most of our intelligence on that to build a story around it… It’s almost guaranteed that there’s something in our data to shine a brighter light on the activity of the threat actors.” 

Having recently announced a new DomainTools product, Iris Detect, Durant was excited about the simplicity of the interface. Even for a person who lacks cybersecurity knowledge, it’s intuitive and easy to use. Someone could punch in the domain name of their company and very soon after have a reported risk score attached, showing the number of spoofs using that name, and the number of phishing threats as well. And it all happens close to real time. 

“50 of the top global 100 companies use us already,” Durant noted.  

How do DomainTools’ customers use this data? 

According to Tonge, it depends on which industry the customer comes from. Whether banking, law enforcement, or government, each of these has its own use cases. Law enforcement, for one, is less interested in spam and phishing, but more interested in malware. Pre-emptively, DomainTools is able to provide intel on the infrastructure of threat actor activity pertaining to the industry in question. 

This data is also used in post-incident scenarios. Say all the credentials from a domain were leaked, then DomainTools’s data and machine learning tools help to answer questions such as who was behind the attack, where did it come from, what infrastructure was deployed, and who else might be affected by this same, or similar, threat. 

“It’s not just historical data, it’s also predictive data,” Tonge said.  

And DomainTools doesn’t just provide data to paying customers either.  

“Before the pandemic struck, there were about 6 domains globally with the term Covid in it or related to Covid. Not long after, that number went up to 64,000 domains. Some of them were legitimate, like government organisations providing Covid health infrastructure and community support. But you can guess the vast majority was illegitimate, capitalising on people’s fears,” Tonge said.  

With spoof sites looking to rake in money and information from the concerned populace, DomainTools stepped in to provide some guidance. Free of charge, they made available a site with Covid block lists to anyone on the internet as a continuously updated service. They offered the same with the start of the Russia-Ukraine war.  

“One of the things that really drives everyone at DomainTools is the mission to make a secure and safer internet for everyone. And that’s a reward in itself.” 

It’s a rewarding job, but it’s also a big one. As the industry moves forward, the data never stops coming in and neither do the threats. Catching 5-6 million newer, updated domains per day, DomainTools is kept busy. Presenting the data to customers in a digestible and meaningful format means sifting through billions of feeds of data at machine scale. Durant said that even some of the largest technology companies have tried to do it themselves, only to return to the services of DomainTools. 

“There’s always more than enough work for us to do,” he added. “We need to continue to find ways as we capture this data to make it useful and helpful to make the internet a safer place.” 

Is it feasible that one day there will be a safe internet? 

“I don’t believe there’s ever a 100% safe [internet]. There’s always that cat and mouse game. Someone who’s just ahead. It’s just the nature of bad players. We’re in the cyber world, what we’re talking about here, but it’s true in the real world. No bank is 100% safe from being robbed,” Durant said. 

Slowly but surely, law enforcement is catching up to the bad guys, Tonge added. While the EU’s GDPR (General Data Protection Regulation) didn’t quite have the result that everyone was hoping for, the intent was good. Will we ever get there? Potentially not, but cybersecurity and law enforcement are not as far behind as they were just ten years ago. To make a safer internet, however, international cyber police cooperation is integral. Historically, investigators have been limited from policing cyber-crime if it crosses national borders. 

Yet overall, DomainTools is optimistic about the future of the internet, and their role in the making of its safety. 

“Look at how many technology companies are in this space,” Durant said, gesturing around to the other attendees of Infosecurity Europe. “There’s a lot of smart people that are trying to solve a lot of hard problems.” 

The post DomainTools, Data, and Internet Safety appeared first on IT Security Guru.

5 Of The Most Popular Internet Browsers Available For Ubuntu

In this article I will provide you with a list of internet browsers that can be easily installed on your Ubuntu system.

Brave Browser:

As you may know, Brave Browser is an open-source, Chromium-based internet browser that comes with a built-in adblocker. The feature does not block all the ads and replaces all infected ads (used for malvertising) with Brave ads, giving the money to the website displaying the ads, to Brave sponsors and to the community.

By default, the browser accesses only the HTTPS version of all the websites (if there is an HTTPS version available).

For more information about the snap package manager, follow this guide.

Because Brave Browser is available as a snap package, installing it on Ubuntu or a derivative system is easy. You only need to install the snapd package and then use snap to install brave:

$ sudo apt install snapd
$ sudo snap install brave

To remove brave, do:

$ sudo snap remove brave

For more information about this browser, follow the Brave Browser article series (the newest instructions are on the top).

Pale Moon:

As you may know, Pale Moon is an open-source, cross-platform browser based on Mozilla Firefox, and is up to 25% faster than the original.

Pale Moon is based on Firefox and supports the official Firefox extensions, but it does not contain all of the Firefox features (including the social API, accessibility features and WebRTC), and it has some specific customizations and configuration options which are not available in Firefox.

For more information about this browser, follow the Palemoon article series (the newest instructions are on the top).

How to install Pale Moon on Ubuntu 18.10 Cosmic Cuttlefish:

$ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/stevenpusser/xUbuntu_18.10/ /' > /etc/apt/sources.list.d/home:stevenpusser.list"
$ wget -nv https://download.opensuse.org/repositories/home:stevenpusser/xUbuntu_18.10/Release.key -O Release.key
$ sudo apt-key add - < Release.key
$ sudo apt-get update
$ sudo apt-get install palemoon

How to install Pale Moon on Ubuntu 18.04 Bionic Beaver, Elementary OS 0.5 Juno, Linux Mint 19.x:

$ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/stevenpusser/xUbuntu_18.04/ /' > /etc/apt/sources.list.d/home:stevenpusser.list"
$ wget -nv https://download.opensuse.org/repositories/home:stevenpusser/xUbuntu_18.04/Release.key -O Release.key
$ sudo apt-key add - < Release.key
$ sudo apt-get update
$ sudo apt-get install palemoon

Optionally, to remove Pale Moon, run:

$ sudo apt-get remove palemoon

Opera:

As you may know, Opera is a popular, open-source, cross-platform internet browser. The browser is available for Windows, Mac OS X and Linux and has been developed by Opera Software AS. At first, it was built on the Blink layout engine, but after a while it adopted the Chromium browser engine.

Among other features, it includes private browsing, tabbed browsing and a download manager, and it can integrate easily with social services like WhatsApp and Facebook.

For more information about this browser, follow the Opera article series (the newest instructions are on the top).

In order to install Opera on Ubuntu 18.10 Cosmic Cuttlefish, Ubuntu 18.04 Bionic Beaver, Linux Mint 19.x, Elementary OS 0.5 Juno and other Ubuntu derivative systems, you need to manually add the repo and import the key to your system, then update the local repo index and install the opera package:

$ sudo add-apt-repository 'deb https://deb.opera.com/opera-stable/ stable non-free'
$ wget -qO- https://deb.opera.com/archive.key | sudo apt-key add -
$ sudo apt-get update
$ sudo apt-get install opera

Optionally, to remove Opera, run:

$ sudo apt-get remove opera

Vivaldi:

As you may know, Vivaldi is a Chromium-based open-source internet browser, built by the Opera founder.

Main features of Vivaldi:

  • speed dial which allows access to favorite websites in each new tab and permits organizing favorite websites into folders;
  • the browser supports quick text commands;
  • built-in notes taking tool;
  • side panel with fast access to bookmarks, downloads and notes;
  • custom search engines support;
  • allows side-by-side browsing using a side panel;
  • tab management:
  • session management;
  • allows previewing open tabs;
  • tab cycling;
  • tab stacks (you can drop a tab on top of another to create a stack);
  • restore closed tabs or blocked pop-ups from the Vivaldi trash can;
  • tab stack tiling (view stacked tabs in a grid or side-by-side);
  • mouse gestures and keyboard shortcuts;
  • user interface scaling;
  • adaptive interface color.

The easiest way to install Vivaldi on Ubuntu 18.10 Cosmic Cuttlefish, Ubuntu 18.04 Bionic Beaver, Linux Mint 19.x, Elementary OS 0.5 Juno and other Ubuntu derivative systems is to use the default Opera repository. You need to manually add the repository, download and install the key, update the repo index and install the vivaldi-stable package:

$ sudo add-apt-repository "deb [arch=i386,amd64] http://repo.vivaldi.com/stable/deb stable main"
$ wget -qO- http://repo.vivaldi.com/stable/linux_signing_key.pub | sudo apt-key add -
$ sudo apt-get update
$ sudo apt-get install vivaldi-stable

Optionally, to remove Vivaldi, run:

$ sudo apt-get remove 'vivaldi*'

Tor Browser Bundle:

Tor Browser Bundle is an internet browser based on Mozilla Firefox configured to protect the users’ anonymity, via Tor and Vidalia. The bundle also includes 3 Firefox extensions: Torbutton, NoScript and HTTPS-Everywhere.

The Tor Browser anonymizes the traffic and encrypts everything in the Tor network. Via the HTTPS-Everywhere extension, it also encrypts the traffic between the Tor network and the final destination.

In order to successfully install the latest version of Tor Browser Bundle on your system, you need to download and install the repo key, add the repository to your system, refresh the repo index and install the required package. Follow the instructions for your system exactly and everything should run smoothly.

How to install Tor Browser Bundle on Ubuntu 18.10 Cosmic Cuttlefish:

$ gpg --keyserver keys.gnupg.net --recv 886DDD89
$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
$ sudo sh -c 'echo "deb http://deb.torproject.org/torproject.org/ cosmic main" >> /etc/apt/sources.list.d/tor.list'
$ sudo apt-get update
$ sudo apt-get install tor

How to install Tor Browser Bundle on Ubuntu 18.04 Bionic Beaver, Linux Mint 19.x and Elementary OS 0.5 Juno:

$ gpg --keyserver keys.gnupg.net --recv 886DDD89
$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
$ sudo sh -c 'echo "deb http://deb.torproject.org/torproject.org/ bionic main" >> /etc/apt/sources.list.d/tor.list'
$ sudo apt-get update
$ sudo apt-get install tor

Optionally, to remove tor, run:

$ sudo apt-get remove tor
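
The key-import steps in the Pale Moon, Opera, Vivaldi and Tor sections all use `apt-key add`, which trusts the key for every repository on the system, and the Tor steps fetch the key by the 8-digit ID 886DDD89. As an added example that is not part of the original article, the following script checks the key's full fingerprint and scopes it to a single repository with `signed-by`. The function names, the keyring path and the `tor.asc` file are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example, not from the article: trust a third-party APT signing key
# for one repository only, after checking its full 40-character fingerprint.

# Print the primary key fingerprint from `gpg --with-colons` output on stdin.
# The first "fpr" record belongs to the primary key; field 10 holds the value.
primary_fpr() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Number of primary keys ("pub" records) in colon-format output on stdin.
pub_count() {
    awk -F: '$1 == "pub" { n++ } END { print n + 0 }'
}

# Succeed only if fingerprint $1 equals expected $2 (spaces and case ignored).
# An expected value that is not 40 characters long, such as the short ID
# 886DDD89, is refused: short IDs are cheap to collide.
fpr_matches() {
    local got want
    got=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    want=$(printf '%s' "$2" | tr -d ' ' | tr 'a-f' 'A-F')
    [ "${#want}" -eq 40 ] && [ "$got" = "$want" ]
}

# Build a sources.list line that scopes the keyring to this repository.
# Arguments: keyring-path url suite component
sources_line() {
    printf 'deb [signed-by=%s] %s %s %s\n' "$1" "$2" "$3" "$4"
}

# Whole procedure; needs gpg and sudo, so it only runs when called.
# Arguments: name armored-key-file expected-fingerprint url suite component
pin_repo() {
    local name="$1" key="$2" want="$3" url="$4" suite="$5" comp="$6"
    local ring="/usr/share/keyrings/${name}-archive-keyring.gpg" listing got
    # show-only lists the keys in the file without importing them
    listing=$(gpg --with-colons --import-options show-only --import "$key")
    got=$(printf '%s\n' "$listing" | primary_fpr)
    if [ "$(printf '%s\n' "$listing" | pub_count)" -ne 1 ] ||
        ! fpr_matches "$got" "$want"; then
        echo "refusing $key: unexpected key material ('$got')" >&2
        return 1
    fi
    gpg --dearmor < "$key" | sudo tee "$ring" > /dev/null
    sources_line "$ring" "$url" "$suite" "$comp" |
        sudo tee "/etc/apt/sources.list.d/${name}.list" > /dev/null
}

# Constructed sample of colon-format output (field layout only; the dates and
# the all-zero subkey are made up), with the fingerprint the article exports.
SAMPLE_COLONS='pub:-:2048:1:EE8CBC9E886DDD89:0:::-:::scESC:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:
sub:-:2048:1:0000000000000000:0::::::s:
fpr:::::::::0000000000000000000000000000000000000000:'

# Example call, left commented out (tor.asc is a hypothetical local file):
# pin_repo tor tor.asc A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 \
#     http://deb.torproject.org/torproject.org/ bionic main
```

A key file that carries more than one primary key is refused as well, because everything in the file would otherwise end up in the keyring.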

The post 5 Of The Most Popular Internet Browsers Available For Ubuntu first appeared on LinuxG.net.