DNS Security

DNS Security / Industry Updates

Unraveling the World of Security Data Aggregation

May 13, 2024

More than 30.6 billion records have been exposed in 2024 so far based on 8,839 publicly disclosed incidents. Intensifying cybersecurity efforts has thus become more critical than ever for organizations the world over. more

A DNS Investigation of the Typhoon 2FA Phishing Kit

May 09, 2024

Bleeping Computer recently reported that a phishing-as-a-service (PhaaS) available in cybercriminal forums dubbed "Typhoon 2FA" has the ability to compromise Microsoft 365 and Google accounts even if users have two-factor authentication (2FA) enabled. more

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

May 01, 2024

The 2024 U.S. tax season is well underway, and as usual, scams of all kinds targeting taxpayers and causing the Internal Revenue Service (IRS) problems have cropped up. One such ongoing malicious campaign has explicitly been trailing its sights on small business owners and the self-employed. more

Hunting for TimbreStealer Malware Artifacts in the DNS

Apr 21, 2024

A new info-stealing malware called "TimbreStealer" is in town. Cisco Talos detected its distribution through a phishing campaign targeting Mexico. more

Uncovering Suspicious Download Pages Linked to App Installer Abuse

Apr 09, 2024

Threat actors have been abusing App Installer, a Windows 10 feature that makes installing applications more convenient. The abuse could lead to ransomware distribution and was likely carried out by financially motivated actors Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674. more

On the DNS Trail of the Rise of macOS Backdoors

Apr 02, 2024

macOS has been gaining the unwanted attention of more and more backdoor operators since late 2023. In February 2024, Bitdefender uncovered RustDoor, which was written in Rust and possibly has ties to the operators of a Windows ransomware. more

Checking Out the DNS for More Signs of ResumeLooters

Mar 22, 2024

Group-IB uncovered ResumeLooters, a threat actor group specializing in victimizing job hunters to steal their personally identifiable information (PII). more

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Mar 19, 2024

In the past two decades, at least 41 advanced persistent threat (APT) groups have launched attacks on entities and organizations based in North America. more

Searching for Potential Propaganda Vehicle Presence in the DNS

Mar 16, 2024

The Citizen Lab recently uncovered an ongoing online propaganda campaign they have dubbed "PAPERWALL" that has been targeting local news outlets across 30 countries in Europe, Asia, and Latin America. more

Following the VexTrio DNS Trail

Mar 13, 2024

VexTrio, a traffic distribution system (TDS) provider believed to be an affiliate of ClearFake and SocGholish, among other threat actors, has been active since 2017. more

Most Popular

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Looking for More Signs of Nitrogen in the DNS

Thoughts on RDRS for Brand Owners

  • By CSC
  • Views: 5,557