Dataset: COVID-19 Themed Domains

DATASET

COVID-19 Themed Domain Dataset

Graph of new domains related to COVID-19 registered from December 1, 2019 through March 27, 2020

To assist the information security community, SpyCloud researchers have compiled, enriched, and analyzed a list of over 136,000 hostnames and fully qualified domain names with COVID-19 or coronavirus themes from a variety of open-source feeds.

We have made the dataset available to demonstrate how to complete a low-cost analysis using open-source threat intelligence data.

Disclaimer: This data is provided as-is, with no guarantees that the data will be accurate or maintained in any way. For more information about the sources, please refer to the original open-source feeds.

SourceDescription
Certificate Transparency logsOpen dataset for exploring SSL Certificates to identify potential abusive hostnames.
Risk IQ’s COVID-19 feedPublic feed of COVID-19 themed domains sponsored by Risk IQ.
Domain Tools’ COVID-19 threat listPublic feed of COVID-19 themed domains sponsored by DomainTools.
Rapid7 Project SonarOpen data of internet-wide surveys conducted by Rapid7 Labs.

 

Please note that we only used the hostnames from these sources; additional metadata was collected by SpyCloud researchers.

Download the Dataset

Domains with COVID-19 and Coronavirus Themes

A few of our happy customers:

Related Resources

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2020 Report: Breach Exposure of the Fortune 1000

REPORT

2020 Report: Breach Exposure of the Fortune 1000

Preview of SpyCloud's 2020 Report: Breach Exposure of the Fortune 1000, which reveals the corporate credential exposure and ATO risks of major enterprises

Employees frequently reuse corporate credentials as personal logins, regardless of security guidelines that prohibit such behavior. When those third-party sites are subject to data breaches, reused employee logins provide easy entry points to corporate systems and networks. In addition to corporate credentials, data breaches expose a wealth of personal information that can enable cybercriminals to bypass security measures, take over accounts, and compromise enterprise networks.

To provide a snapshot of the breach exposure affecting major enterprises, we examined SpyCloud’s entire database to see what breach data we could tie to companies in the Fortune 1000. Across our data set, we were able to identify over 412 million breach assets tied to employees within the Fortune 1000.

Download the report to see:

  • How many Fortune 1000 employees and C-level executives have passwords available to cybercriminals
  • Top passwords of Fortune 1000 employees
  • Infographics showing credential exposure, password reuse rates, and more for all 21 Fortune 1000 sectors
  • Which sector is the worst offender (by far)

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

Download the Report

2020 Report: Breach Exposure of the Fortune 1000

A few of our happy customers:

Related Resources

Case Study

Top 10 Travel Booking Site

Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.

Read More

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2020 Annual Credential Exposure Report

REPORT

2020 Annual Credential Exposure Report

Every year, the SpyCloud Credential Exposure Report examines the data cybercriminals have been sharing over the last year and what it means for enterprises and consumers. Our 2020 report shows that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover (ATO). 

SpyCloud researchers infiltrate criminal networks to identify and recover stolen data months or years before it reaches a broader criminal audience or goes public. As a result, the 9 billion breach records analyzed for this report provide insight into breaches that have been freshly released to criminal marketplaces over the last year.

Download the report to see:

  • Trends our researchers have observed within cybercriminal communities over the last 12 months
  • Password reuse patterns, including the most common transformations people use to “refresh” a reused password
  • Most popular 100 passwords collected over the last 12 months
  • Common password hashing algorithms used by breached organizations

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

Download the Report

2020 Annual Credential Exposure Report

A few of our happy customers:

Related Resources

Case Study

Top 10 Travel Booking Site

Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.

Read More

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Fortune 1000 Breach Exposure: What We Can Learn

WEBINAR

Fortune 1000 Breach Exposure: What We Can Learn

SpyCloud + Threatpost

Third-party and supply-chain risk: a complex, convoluted attack surface. Stolen credentials fueling account takeover attempts aimed at infiltrating deep into corporate networks (more than 4 million plaintext passwords tied to Fortune 1000 employees can be found on the Dark Web). Stolen PII and account data that make it easy for criminals to craft highly targeted attacks. Join SpyCloud and Threatpost to talk about large enterprises’ unique risk profile and the impact of the data breach epidemic on this segment.

Drawing on the largest database of stolen credentials in the world, SpyCloud has analyzed breach data tied to Fortune 1000 employee credentials to understand trends in password reuse and data exposure. Join Tara Seals, Threatpost’s Senior Editor, and SpyCloud Head of Product Strategy Chip Witt who will discuss the extent of Fortune 1000 employee breach exposure and what it means for the organizations that work with them.

View this on-demand webinar to learn:

  • The scope of password reuse and third-party breach exposure across the Fortune 1000
  • Which Fortune 1000 sector has the most exposed credentials per company – and which has the most users potentially infected with keyloggers and other malware
  • How stolen Fortune 1000 employee PII can help attackers breach your organization
  • What you can do to protect your organization from third party account takeover

Product Feature: Third Party Insight

Monitor third party exposures and share data to aid in remediation.

Learn More

Watch the Webinar:

Fortune 1000 Breach Exposure

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Considerations for Choosing an Account Takeover Security Solution

WHITEPAPER

Considerations for Choosing an Account Takeover Security Solution

Learn How to Evaluate Account Takeover Security Vendors

Account takeover (ATO) is a rising security problem. One that many organizations struggle to prevent. With millions of usernames and passwords being stolen every year, the enterprise is at high risk for attacks that can lead to financial and reputational damage. There are several ATO vendors offering differing solutions. How do you know which vendor to choose? This CSO whitepaper provides a guide to the best practices for evaluating how well each approach works, including a checklist of topics to discuss with each vendor being evaluated.

Download the whitepaper today to learn:

  • 11 key questions to ask ATO security solution vendors during product evaluation
  • Which solution features are most important
  • The key metrics every vendor should be able to provide

Solution: Account Takeover Prevention

Reset Stolen Passwords Before Criminals Can Use Them To Defraud Your Users Or Access Sensitive Corporate Data.

Learn More

Download the Whitepaper:

Considerations for Choosing an Account Takeover Security Solution

A few of our happy customers:

Related Resources

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.