KOR Labs

From Internet Data to Cyber Defense

Learn more

What we do

KOR Labs is an exceptional place where top research methods and tools meet industry needs for a safer Internet. Our team comprises security researchers with world-class expertise in Internet technologies and DNS abuse. We are passionate about investigating malicious activities and sharing knowledge with the technical and policy communities to prevent cybercrime.

Card image cap
ThreatChase

Detect and respond to phishing attacks more quickly and efficiently with our new open platform.

Card image cap
Cyber Threat Intelligence

The French cyber threat intelligence platform aimed at sharing knowledge among multiple players.

Card image cap
DNSAI Compass

Consult monthly reports on the use of the Domain Name System in phishing and malware activities.

Card image cap
INFERMAL

Uncover cyber attackers' preferences and possible measures to mitigate abusive activities in DNS.

See all our projects

Latest news

We are hiring a Systems and Network Administrator

Mar 29, 2024

We are seeking a skilled Systems and Network Administrator who will configure, monitor, and maintain our system infrastructure.

Read more
We are hiring a Senior Python Programming Specialist

Mar 29, 2024

We are seeking a skilled Python Programming Specialist who will develop and implement robust security solutions to protect against cyber threats.

Read more
KOR Labs is the official supporter of WTMC-2024

Feb 10, 2024

KOR Labs has officially partnered as a supporter for the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2024) ...

Read more

Blog

Phishing Attack Trends
Phishing Attack Trends

Jul 30, 2024 · Rowena Schoo, Maciej Korczyński, and Zul Odgerel

Since collecting and publishing data on the number of unique domains used for phishing attacks and malware distribution as part of our NetBeacon MAP reporting, we've been on the lookout for any discernible patterns or trends. This blog post discusses one of those.

Read more
Measuring DNS Abuse is Difficult
Measuring DNS Abuse is Difficult

Feb 29, 2024 · Rowena Schoo

This blog is a condensed overview from our full report titled "Why do different DNS Abuse measurement projects result in different numbers" and is meant to create a greater awareness of how DNS Abuse is measured and help the community to understand and interrogate data presented to them.

Read more
Challenges in Measuring DNS Abuse
Challenges in Measuring DNS Abuse

Nov 2, 2023 · Rowena Schoo and Maciej Korczyński

This blog covers an interesting case of suspected abuse in a gTLD registry between February and April 2023. It is a good example of an edge case, where the decision on whether or not to mitigate was not clear cut, and different levels of evidence were available at different time.

Read more

Get in touch