Author: Tim Helming

The ability to predict—and defend against—malicious activity is something of a holy grail in the realm of security. There are many technologies that seek to do it, and some of them have made inroads. When it comes to blacklisting domains involved in activities like phishing, malware, and spam, however, most of the blacklists and intel feeds in existence rely on reports or observation of evil on the domains. Only after someone has been affected does the malicious infrastructure appear on the feeds. What’s more, if an attack is targeted at an individual organization and that organization doesn’t report the attack…