Security Affairs

JULY 11, 2022

A large-scale phishing campaign is targeting Internet-end users in Brazil and Portugal since March 2022. Figure 2 presents an example of an SMS sent to Internet end-users during the ANUBIS social engineering wave. A large-scale phishing campaign leveraging the Anubis Network is targeting Brazil and Portugal since March 2022.

Phishing 100

Phishing Social Engineering Banking Engineering 100

Security Affairs

SEPTEMBER 8, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Some Zyxel devices can be hacked via DNS requests. The best news of the week with Security Affairs. Once again thank you!

IoT 76

IoT Data breaches DNS Advertising 76

Troy Hunt

NOVEMBER 25, 2020

Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet. Or are they just the same old risks we've always had with data stored on the internet?

IoT 358

IoT Firmware Risk Manufacturing 358

Cisco Security

MARCH 27, 2021

Shrink the DNS attack surface with Auth-DoH. In this analogy, the invisibility superpower is DNS over HTTPS (DoH). It’s a new protocol that encrypts the DNS request to keep bad actors from discovering or altering domain names or snooping on users’ internet destinations. My inspiration: Loki , the Marvel superhero.)

DNS 112

DNS VPN Advertising Encryption 112

Malwarebytes

OCTOBER 5, 2021

The Internet is a patchwork of hundreds of thousands of separate networks, called Autonomous Systems, that are stitched together with BGP. To route data across the Internet, Autonomous Systems need to know which IP addresses other Autonomous Systems either control or can route traffic to. Thankfully, it withstood the onslaught.

DNS 143

DNS Internet Internet Mobile 143

Security Boulevard

MARCH 13, 2024

It’s also why HYAS clients depend upon our protective DNS solution, HYAS Protect , as a trusted and necessary component of their security stack. HYAS Protect also enforces acceptable internet use policies and aligns them all with existing business units, departments, and teams in your company.

DNS 49

DNS Architecture Cyber threats Phishing 49

Kali Linux

NOVEMBER 27, 2022

In Secure Kali Pi (2022) , the first blog post in the Raspberry Pi series, we set up a Raspberry Pi 4 with full disk encryption. If you are only interested in using the Raspberry Pi as a Wi-Fi client, you can stop here, and unmount everything like we did in our secure Kali Pi blog post. hcd usr/lib/firmware/brcm/BCM-0bb4-0306.hcd

Firmware 52

Firmware Wireless Passwords VPN 52

Cisco Security

AUGUST 29, 2022

In part one of our Black Hat USA 2022 NOC blog, we discussed building the network with Meraki: Adapt and Overcome. 25+ Years of Black Hat (and some DNS stats), by Alejo Calaoagan. If there is a specific DNS attack that threatened the conference, we supported Black Hat in blocking it to protect the network.

DNS 86

DNS Wireless Malware Firewall 86

SecureList

FEBRUARY 7, 2022

Roaming Mantis is a malicious campaign that targets Android devices and spreads mobile malware via smishing. We have been tracking Roaming Mantis since 2018, and published five blog posts about this campaign: Roaming Mantis uses DNS hijacking to infect Android smartphones. Roaming Mantis, part III. Roaming Mantis, part III.

Phishing 81

Phishing DNS Mobile Malware 81

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. SCA detected 289 alerts including Suspected Port Abuse, Internal Port Scanner, New Unusual DNS Resolver,and Protocol Violation (Geographic).

Wireless 68

Wireless DNS Mobile Technology 68

Cisco Security

AUGUST 29, 2022

In part one of this issue of our Black Hat USA NOC (Network Operations Center) blog, you will find: Adapt and Overcome. Another challenge the morning of the Expo Hall opening was that five of the 57MRs inside were not yet connected to the Internet when it opened at 10am. Building the Hacker Summer Camp network, by Evan Basta.

Engineering 84

Engineering Wireless Malware DNS 84

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In early October, a DDoS attack was reported by the PUBG Mobile team. — PUBG MOBILE (@PUBGMOBILE) October 3, 2020.

DDOS 129

DDOS Cryptocurrency Marketing Internet 129

McAfee

AUGUST 23, 2020

However, digital transformation projects including cloud migration and ubiquitous mobile access have revealed architectural cracks, and many companies have seen the dam burst with the explosion in remote access demand in recent months. While this theoretically maintains security visibility and control, it comes at great cost.

Architecture 85

Architecture Digital transformation Internet Internet 85

Cisco Security

DECEMBER 22, 2022

In this blog about the design, deployment and automation of the Black Hat network, we have the following sections: Designing the Black Hat Network, by Evan Basta. Christian Clasen takes this available data to a new level in Part 2 of the blog. Much of this has been covered in previous blogs.

Engineering 71

Engineering Mobile Malware Wireless 71

Cisco Security

AUGUST 26, 2022

FAMOC manage from Techstep, a Gartner-recognized MMS provider, is an MDM designed to give IT a complete view and absolute control over mobile devices used by the workforce, so that people can work more effectively and securely. This new integration supports Umbrella proxy, cloud firewall, IP, and DNS logs. Access the workflows here.

Firewall 127

Firewall Authentication Passwords Threat Detection 127

SecureList

APRIL 27, 2021

In November and December 2020, two public blog posts were published about this campaign. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 138

Malware Spyware Government Social Engineering 138

Cisco Security

JUNE 15, 2021

Some of those early NGFW implementations took shortcuts to improve performance by simply treating all UDP/53 traffic as DNS and TCP/23 as Telnet, but eventually everyone invested in good enough DPI to get beyond those obvious pitfalls.

Firewall 138

Firewall Software Network Security Encryption 138

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 140

Malware Government Surveillance Spyware 140