Duo's Security Blog

MAY 4, 2023

See the video at the blog post. People have already gotten pretty comfortable with these flows because of mobile devices having biometric support over the past five, almost 10 years now, at this point. But when I was there, one of the first projects I worked on was auth systems for mostly DNS. See the video at the blog post.

Passwords 83

Passwords Authentication DNS Technology 83

Security Affairs

SEPTEMBER 8, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Some Zyxel devices can be hacked via DNS requests. The best news of the week with Security Affairs. Once again thank you!

IoT 76

IoT Data breaches DNS Advertising 76

Troy Hunt

NOVEMBER 25, 2020

Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet. Or are they just the same old risks we've always had with data stored on the internet?

IoT 358

IoT Firmware Risk Manufacturing 358

Cisco Security

MARCH 27, 2021

Shrink the DNS attack surface with Auth-DoH. In this analogy, the invisibility superpower is DNS over HTTPS (DoH). It’s a new protocol that encrypts the DNS request to keep bad actors from discovering or altering domain names or snooping on users’ internet destinations. My inspiration: Loki , the Marvel superhero.)

DNS 105

DNS VPN Advertising Encryption 105

Malwarebytes

OCTOBER 5, 2021

The Internet is a patchwork of hundreds of thousands of separate networks, called Autonomous Systems, that are stitched together with BGP. To route data across the Internet, Autonomous Systems need to know which IP addresses other Autonomous Systems either control or can route traffic to. Thankfully, it withstood the onslaught.

DNS 143

DNS Internet Internet Mobile 143

Security Boulevard

MARCH 13, 2024

It’s also why HYAS clients depend upon our protective DNS solution, HYAS Protect , as a trusted and necessary component of their security stack. HYAS Protect also enforces acceptable internet use policies and aligns them all with existing business units, departments, and teams in your company.

DNS 49

DNS Architecture Cyber threats Phishing 49

Kali Linux

NOVEMBER 27, 2022

In Secure Kali Pi (2022) , the first blog post in the Raspberry Pi series, we set up a Raspberry Pi 4 with full disk encryption. If you are only interested in using the Raspberry Pi as a Wi-Fi client, you can stop here, and unmount everything like we did in our secure Kali Pi blog post. hcd usr/lib/firmware/brcm/BCM-0bb4-0306.hcd

Firmware 52

Firmware Wireless Passwords VPN 52

Cisco Security

AUGUST 29, 2022

In part one of our Black Hat USA 2022 NOC blog, we discussed building the network with Meraki: Adapt and Overcome. 25+ Years of Black Hat (and some DNS stats), by Alejo Calaoagan. If there is a specific DNS attack that threatened the conference, we supported Black Hat in blocking it to protect the network.

DNS 75

DNS Wireless Malware Firewall 75

SecureList

FEBRUARY 7, 2022

Roaming Mantis is a malicious campaign that targets Android devices and spreads mobile malware via smishing. We have been tracking Roaming Mantis since 2018, and published five blog posts about this campaign: Roaming Mantis uses DNS hijacking to infect Android smartphones. Roaming Mantis, part III. Roaming Mantis, part III.

Phishing 86

Phishing DNS Mobile Malware 86

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. SCA detected 289 alerts including Suspected Port Abuse, Internal Port Scanner, New Unusual DNS Resolver,and Protocol Violation (Geographic).

Wireless 61

Wireless DNS Mobile Technology 61

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In early October, a DDoS attack was reported by the PUBG Mobile team. — PUBG MOBILE (@PUBGMOBILE) October 3, 2020.

DDOS 134

DDOS Cryptocurrency Marketing Internet 134

McAfee

AUGUST 23, 2020

However, digital transformation projects including cloud migration and ubiquitous mobile access have revealed architectural cracks, and many companies have seen the dam burst with the explosion in remote access demand in recent months. While this theoretically maintains security visibility and control, it comes at great cost.

Architecture 85

Architecture Digital transformation Internet Internet 85

Cisco Security

AUGUST 29, 2022

In part one of this issue of our Black Hat USA NOC (Network Operations Center) blog, you will find: Adapt and Overcome. Another challenge the morning of the Expo Hall opening was that five of the 57MRs inside were not yet connected to the Internet when it opened at 10am. Building the Hacker Summer Camp network, by Evan Basta.

Engineering 72

Engineering Wireless Malware DNS 72

Cisco Security

DECEMBER 22, 2022

In this blog about the design, deployment and automation of the Black Hat network, we have the following sections: Designing the Black Hat Network, by Evan Basta. Christian Clasen takes this available data to a new level in Part 2 of the blog. Much of this has been covered in previous blogs.

Engineering 63

Engineering Mobile Malware Wireless 63

SecureList

APRIL 27, 2021

In November and December 2020, two public blog posts were published about this campaign. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 142

Malware Spyware Government Social Engineering 142

Cisco Security

AUGUST 26, 2022

FAMOC manage from Techstep, a Gartner-recognized MMS provider, is an MDM designed to give IT a complete view and absolute control over mobile devices used by the workforce, so that people can work more effectively and securely. This new integration supports Umbrella proxy, cloud firewall, IP, and DNS logs. Access the workflows here.

Firewall 116

Firewall Authentication Passwords Threat Detection 116

Cisco Security

JUNE 15, 2021

Some of those early NGFW implementations took shortcuts to improve performance by simply treating all UDP/53 traffic as DNS and TCP/23 as Telnet, but eventually everyone invested in good enough DPI to get beyond those obvious pitfalls.

Firewall 131

Firewall Software Network Security Encryption 131

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 143

Malware Government Surveillance Spyware 143