Over the past year, threat actors have rapidly advanced their use of deception—scaling operations and leveraging AI to target individuals, organizations, and evade threat research. Infoblox Threat Intel has observed a new level of professionalism and speed in the way actors launch Domain Name System (DNS)- sourced cyberattacks, which affect consumers, businesses, and government agencies […]
In short, traditional DGAs are algorithms embedded in malware to generate an arbitrary number of potential command and control (C2) domains that the malware attempts to contact, but the threat actor only registers a few of those domains. Traditional DGAs are vulnerable to security researchers who can reverse engineer the algorithms once the malware samples
Registered DGAs : The Prolific New Menace No One Is Talking About Read More »
While cybercriminals are often portrayed as gangs of hackers or lone brilliant coders, more often they buy and sell goods and services as part of a larger criminal economy. For example, some actors sell malware services, and malware-as-a-service (MaaS) allows buyers easy access to the infrastructure necessary to commit crimes. These service providers also form
Cybercrime Central: VexTrio Operates Massive Criminal Affiliate Program Read More »
Decoy Dog is a malware toolkit discovered by Infoblox that uses the domain name system (DNS) to perform command and control (C2). A compromised client communicates with, and receives direction from, a controller via DNS queries. That controller is integrated into a DNS name server to which queries are transmitted through the normal resolution process.
A Compelling Cybersecurity Strategy for Defending the Enterprise It’s a cloud-first world. Your users now regularly connect directly to cloud-based applications and web destinations from any device anywhere. Sophisticated cyberthreats use those connections to penetrate your traditional network perimeter. Against this backdrop, enterprises and government organizations are turning to Zero Trust architectures to protect their
Exposing the threat of shadow devices Most internet communications rely on DNS, although it is often not sufficiently secured, which creates vulnerabilities that can be exploited for data exfiltration and spreading malware. Over 91 percent of malware uses DNS to communicate with C&C servers, lock up data for ransom or exfiltrate data. Existing security controls,
Fully realise the value of SD-WAN for remote locations and branch offices Businesses that are undergoing digital transformation and transitioning to cloud-based services are increasingly choosing software-defined solutions. Virtual form factor, cloud-based management and large-scale automation form the crux of software-defined solutions. BloxOne DDI is the industry’s first software-defined DDI solution. It enables remote sites
Commercial and government enterprises are facing unprecedented challenges due to the coronavirus pandemic. Many private enterprises and government agencies quickly started preparations to enable teleworking for employees. In a recent survey, approximately 44 percent of consumers with full-time employment have already felt the impact of coronavirus on their business operations, approximately 55 percent have already
Securing Remote Workers in the Age of Teleworking Read More »
