For those playing along at home, just an observation that as of today:
breachforums[.]info
has spun up as new on DDoS-Guard, registered through Nicenic yesterday.
Also, seeing dozens and dozens of garbage .top domains being spun up on pananames[.]com nameservers, registered through URL Solutions (same company as pananames), and then transferred into storm-pro[.]net. Started Monday 2025-06-24.
@neurovagrant is there anything legit or valid on a .top domain these days? It’s wild.
@jwgoerlich Not that I've seen. I block .top at the DNS level for my home network and have never encountered a need to allowlist something.
@neurovagrant @jwgoerlich I have never received a single ticket request to allow a .top domain.
@badsamurai @neurovagrant @jwgoerlich We block .top, .xyz, .zip, and .biz globally at our (rather large) org. No complaints.
@mttaggart @badsamurai @neurovagrant @jwgoerlich I CANT DO THIS AND IT ENRAGES ME
We have several clients in the biotech space that use .xyz
I'm not fucking kidding.
@NosirrahSec @mttaggart @badsamurai @jwgoerlich yeah, xyz did some great marketing to impressionable people that it could be their cheaper .com - I think maybe 5% aren't obviously malicious?