The Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA) are jointly issuing this advisory to highlight attempts by Democratic People’s Republic of Korea (DPRK, a.k.a. North Korea) Kimsuky cyber actors to exploit improperly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) record policies to conceal social engineering attempts. Without properly configured DMARC policies, malicious cyber actors are able to
dns (3)
A recent analysis by cyber threat investigators of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit named Decoy Dog targeting enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of queries are transmitted to the command-and-control (C2) domains not to arouse any suspicion.
Decoy Dog is a cohesive toolkit with several highly unusual characteristics t
Cloudflare has recently released their Q1 DDoS threat report [5]. Thus, this is a good point for a discussion on DDoS attacks and some of the newer techniques involved with them. First, we’ll get a little bit of a refresher on what DDoS attacks are, how they manifest and how things look when a service is being attacked, and how they can be detected. From there, we’ll go into the typical mechanics of how a DDoS attack takes place and what sort of techniques and methods tend to be involved. Th
