Summary

Release 2.3.0 introduces major improvements to our popular typosquatting query, query monitoring amendments, and UI/UX improvements featuring IPFS information, social media integration, contextual menus and various button/icon additions.

Details

1. Typosquatting - 'Auto-fill Data'

We’ve added a button to our typosquatting query that automatically populates additional network address, nameserver and AS information for your chosen domain:

2. Typosquatting - Regex searches

We’ve added a regex function to the typosquatting query.

Users can now put together strings of text that produce granular results based on custom parameters entered as a regular expression, facilitating highly-focused domain searches.

If both a Domain and a Regex are specified in a typosquatting search, the platform will prioritise the regex search over the domain query.

### 3. Typosquatting - Automatic typosquatting searches

Domain-only searches (with no regex specified) now benefit from proprietary algorithms that automatically hunt for typosquatting results, based on the specified domain.

To improve the quality of search results and reduce noise, we’ve removed the option to include wildcards in typosquatting searches.

If your organization has any saved typosquatting queries that include wildcards, these will need to be replaced with an exact domain.

4. IPv6 scans added, along with scan data additions

Silent Push now provides enriched IPv6 scans.

Enriched IPv4, IPv6 and Domain scans now give you the option to view the below data, by selecting scan_data:

• SSL certificates
• Favicons
• Connections headers and response status codes
• HTML information, including page titles and fuzzy hash summaries of page contents
• JARM hashes

5. Monitoring results from Query Builder

Queries can now be monitored from within Query Builder, instead of users needing to navigate to the Explore page.

Even if your query returns no results, you can still set up a monitor that provides you with daily updates.

Monitoring queries in Query Builder

6. IPFS flags

We’ve added a flag that indicates whether an observable is tagged as an IPFS node, on the enriched data screen.

Paid users can also view the flag, and filter searches in the following locations:

• Threat Ranking through Advanced Filtering - Filter TR by the flag
• Threat Ranking details
• Filtering via IPFS node

7. Enhanced Twitter integration

Paid users now have the option to share IoCs on Twitter, even IoCs that don’t feature in Silent Push feeds.

8. Filter profile field amendments

Feeds, Feed Vendors and Threat/Tag Name are now available in a drop-down menu as whole values, when creating or amending a filter profile:

A new operator value - Is or Is Not - is now active for any logical expressions that contain a Feed Name, Vendor or Tag indicator.

If you have a Filter Profile saved that specifies a Feed Name, Vendor or Tag, you'll need to amend any logical expressions to include an Is or Is Not operator value.

9. Button additions and amendments

Various buttons on enriched data pages are now right-clickable, with contextual menus added.