McAfee

SEPTEMBER 14, 2021

The PlugX families we observed used DNS [ T1071.001 ] [ T1071.004 ] as the transport channel for C2 traffic, in particular TXT queries. We observed in the process dump the exfiltration of data on the system, such as OS, Processor (architecture), Domain, Username, etc. Application layer protocol: DNS. malware: Mozilla/5.0

Malware 144

Malware DNS Accountability Manufacturing 144

Cisco Security

NOVEMBER 29, 2021

Cisco Secure supports the NOC operations with DNS visibility and architecture intelligence ( Cisco Umbrella and Cisco Umbrella Investigate ) and automated malware analysis and threat intelligence ( Cisco Secure Malware Analytics (Threat Grid) , backed by Cisco Talos Intelligence and Cisco SecureX ). The other half is Clarity for iOS.

DNS 121

DNS Mobile Malware Firewall 121

CyberSecurity Insiders

JANUARY 5, 2022

AT&T SASE with Cisco weaves together some of the most important threads necessary for supporting and protecting the branch offices, labs, manufacturing facilities, and remote workers that make up the tapestry of the modern, distributed workforce. AT&T SASE with Cisco: Connect, control, converge.

Digital transformation 118

Digital transformation Architecture Technology DNS 118

eSecurity Planet

MARCH 22, 2023

Similarly, spoofed domain name system (DNS) and IP addresses can redirect users from legitimate connections to dangerous and malicious websites. Additional protection may be deployed using browser security, DNS security, or secure browsers to protect endpoints from malicious websites.

Firewall 107

Firewall Network Security Penetration Testing Encryption 107

Security Boulevard

JUNE 15, 2023

In particular, the code checks for the manufacturer ID string (with a length of 12 bytes) for the following values: “XenVMMXenVMM” (Xen HVM) “VMwareVMware” (VMware) “Microsoft Hv” (Microsoft Hyper-V) “ KVMKVMKVM “ (KVM) “prl hyperv “ (Parallels) “VBoxVBoxVBox” (VirtualBox) This detection code is likely derived from Pafish.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

SecureList

APRIL 27, 2022

While we were unable to obtain the same results by analyzing the CERT-UA samples, we subsequently identified a different WhiteBlackCrypt sample matching the WhisperKill architecture and sharing similar code. On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine.

Malware 131

Malware Firmware Government Phishing 131

SecureList

MAY 31, 2021

A41APT is a long-running campaign, active from March 2019 to the end of December 2020, that has targeted multiple industries, including Japanese manufacturing and its overseas bases. The Apple M1, a direct relative of the processors used in the iPhone and iPad, will ultimately allow Apple to unify its software under a single architecture.

Malware 94

Malware Adware Encryption Architecture 94

eSecurity Planet

MAY 2, 2024

50,000 DDoS attacks on public domain name service (DNS) resolvers. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. DDoS attacks on single networks or websites render them unavailable, but DDoS attacks on DNS resolvers bring down all networks and websites using that DNS resource.

Cybersecurity 93

Cybersecurity DDOS Penetration Testing Passwords 93

Security Boulevard

JANUARY 20, 2022

Overlap of Passive DNS resolution of domain observed on current attack infrastructure with the IP used by Molerats APT group in the past. Collects the machine manufacture and machine model information using WMI which is used for execution environment checks and is later exfiltrated to C2 server. Attack flow. Data from Local System.

Accountability 116

Accountability DNS Phishing Architecture 116