Hello and welcome to the Thursday, November 6, 2025 edition of the Sands Internet Storm Centers.

Stormcast, my name is Johannes Ulrich, recording today from Jacksonville, Florida.

And this episode is brought you by the Sands.edu Undergraduate Certificate Program in Cybersecurity Fundamentals.

Today I made life some changes to our new domain API. This is an API that basically delivers

newly registered domains for the last day. This particular API had a problem that has been going on for a while

where often pretty much always only returned a partial result. So basically the results were cut off.

Well, fix that two different ways. First of all, if you just want all the domains, all the domain names,

then the easiest solution

is just download a static file that I'm offering now. That file is being updated once an hour

and should download really quickly because, well, it's just static. It doesn't have to be

created on the fly. Also with that, it doesn't run into the problems where you only get a partial result back.

The second option is, if you still want to use the API, you will now have pageination

where you can just download a part of the results. You can also do some filtering for keywords

if you don't really want the entire list.

But really the easiest way is just download the static file and then do whatever filtering you need or so at your end.

That probably will be the simplest, fastest solution for this.

This list also includes our sort of still experimental scoring system where we sort of try to assign

anomaly scores to the domains. If you have any feedback on that, please let me know.

And Checkpoint published an interesting blog post showing some vulnerabilities that Microsoft

recently patched in its teams platform.

One of the ways teams, of course, is often used is for communication internal to a company.

And with that, users tend to have quite a bit of trust in the platform, unlike with email,

...