Frühere Suchanfragen
Suchoptionen
#dns
46 Beiträge41 Beteiligte0 Beiträge heute
Vigilant: All-in-One #WebMonitoring Tool
Vigilant allows you to monitor all aspects of your website including uptime, #DNS, #Lighthouse, and broken links
Comprehensive monitoring of website performance, uptime, and DNS configurations
CYBERSECURITY
NSA Warns of “Fast Flux” Botnets
Rapidly rotating IPs & domains make detection harder.
Nation-states & ransomware groups use it to evade takedowns.
Wildcard DNS creates fake subdomains for hidden C2 servers.
US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations – Source: www.securityweek.com https://ciso2ciso.com/us-allies-warn-of-threat-actors-using-fast-flux-to-hide-server-locations-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #securityweekcom #securityweek #fastflux #guidance #CISA #DNS
CISO2CISO.COM & CYBER SECURITY GROUP · US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations – Source: www.securityweek.comSource: www.securityweek.com - Author: Ionut Arghire Threat actors are employing a technique known as ‘fast flux’ to hide the location of their malic
CISA warns of fast flux DNS evasion technique used by cybercriminals; urges stronger defenses. #Cybersecurity #FastFlux #DNS
More details: https://cyberinsider.com/cisa-warns-of-fast-flux-technique-hackers-use-for-evasion/ - https://www.flagthis.com/news/12503
Mit der Rückkehr von Donald #Trump ins Weiße Haus wird die Abhängigkeit von #US-#Cloud-Diensten zu einem wachsenden Problem.
Denn der
#CloudAct zwingt US-amerikanische Firmen Anweisungen von US-Behörden Folge zu leisten, ganz gleich wo deren #Server stehen.
Nicht nur Staaten und Unternehmen, sondern auch Privatpersonen sind betroffen.
Angefangen bei #Datenspeichern über #Online-#Office-Anwendungen bis zu grundlegenden Internetdiensten wie #DNS oder Zertifizierungsstellen.
Es betrifft selbst smarte Geräte wie #WLAN-Steckdosen, wenn deren zentralen Dienste auf einem #Hyperscaler wie #Amazon #AWS oder #Microsoft #Azure liegen.
Doch es gibt Möglichkeiten, den #Datenabfluss zu minimieren und #Alternativen zu nutzen.
Welche das sind, erläutert c’t Redakteur Peter Siering. Die Optionen reichen von #Suchmaschinen über europäische Cloud-Speicher und Open-Source-Projekte bis zu dezentralen, sichereren #Messengern.
I'm very happy with my earlier self that he documented the road to coredns, https://miek.nl/tags/coredns/
Miek GiebenCoredns
Raus aus der #US-#Cloud: Wie wir unsere digitale #Souveränität zurückgewinnen | c’t uplink
Mit der Rückkehr von Donald #Trump ins Weiße Haus wird die Abhängigkeit von US-Cloud-Diensten zu einem wachsenden Problem. Denn der #Cloud Act zwingt US-amerikanische Firmen Anweisungen von US-Behörden Folge zu leisten, ganz gleich wo deren Server stehen.
Nicht nur Staaten und Unternehmen, sondern auch Privatpersonen sind betroffen. Angefangen bei Datenspeichern über Online-Office-Anwendungen bis zu grundlegenden Internetdiensten wie #DNS oder Zertifizierungsstellen. Es betrifft selbst smarte Geräte wie #WLAN-Steckdosen, wenn deren zentralen Dienste auf einem Hyperscaler wie #Amazon #AWS oder #Microsoft #Azure liegen.
For those that run a homelab with DNS and DHCP, are you using IPv6? I'm running BIND and debating if I need to configure IPv6 just to future-proof myself. I'm not seeing any issues, at least any that I notice.
Also, I know little about IPv6, so I admit I need to do some learning.
In case you're not up-to-speed on what #FastFlux #DNS is, it's part of the arms race between attackers and defenders:
THREAT ACTOR: This is my C2 IP
BLUE TEAMER: Blocked at the firewall
TA: Ok, well then, here's my C2 domain. I've rented 50k botnet nodes to use as proxies to my real C2 infrastructure, and I'm going to keep changing the IP the domain points to basically forever. Good luck blocking that. [FAST FLUX]
BT: Blocked the domain's nameserver's IPs at the firewall
NSA and global cybersecurity agencies warn that #FastFlux, a tactic used to hide malicious servers, is now a national security threat.
Read: https://hackread.com/nsa-allies-fast-flux-a-national-security-threat/
Hackread - Latest Cybersecurity, Tech, AI, Crypto & Hacking News · NSA and Global Allies Declare Fast Flux a National Security ThreatFollow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread
Grab your beverage of choice 
, because there's a LOT to recap from the last 24 hours. Check it out here 
https://opalsec.io/daily-news-update-friday-april-4-2025-australia-melbourne/
There's a lot to digest, so if you're running between meetings or scoffing down a quick lunch before the next - here's the TL;DR on the key points:
Urgent Ivanti Patch Alert: A critical RCE zero-day is being actively exploited by suspected China-nexus group UNC5221, who are deploying new malware (TRAILBLAZE, BRUSHFIRE).
Fast Flux is Back in the Spotlight: Five Eyes agencies dropped a joint advisory on the increased use of this evasion technique by sophisticated actors (ransomware gangs, state-sponsored groups). It makes tracking C2s & phishing sites a real headache by rapidly changing IPs/nameservers.
GitHub Supply Chain Attack Deep Dive: Remember that complex attack targeting Coinbase via GitHub Actions? Unit 42 traced its origin back to a single leaked SpotBugs Personal Access Token from late 2024! A huge reminder about token hygiene, the risks of mutable tags, and those cascading dependency threats. Rotate secrets if you use SpotBugs, Reviewdog, or tj-actions!
Oracle's Cloud Breach Saga Continues...: Oracle reportedly admitted a breach to customers, framing it as a "legacy" (pre-2017) environment issue, yet, the actor leaked data allegedly from late 2024/2025. The focus on "Oracle Cloud Classic" vs. OCI feels like damage control over transparency. As I put it in the blog, their handling doesn't exactly inspire confidence – trust is earned, folks.
Rethinking Disaster Recovery in the Ransomware Era: DR is way more than just backups now. With hybrid environments sprawling and ransomware the top threat, recovery is Incident Response (detect, isolate, wipe, reinstall, restore). Homogeneity might simplify recovery, but beware of single points of failure (hello, CrowdStrike outage!).
Mass Scanning Alert: Seeing increased probes against Juniper devices (looking for default 't128' creds - change 'em!) and Palo Alto GlobalProtect portals. Motives are unclear – could be recon, botnet building, or sniffing for vulnerabilities. Keep those edge devices patched and hardened!
New Malware 'Wrecksteel' Hits Ukraine: CERT-UA warns of a new espionage malware targeting state agencies and critical infrastructure via phishing. Deployed by UAC-0219, Wrecksteel exfiltrates documents and takes screenshots.
INC Ransomware Claims State Bar of Texas: The second-largest US bar association confirmed a data breach after INC ransomware listed them on their leak site.
Stay informed, stay vigilant, and let me know your thoughts in the comments! What's catching your eye this week?
Opalsec · Daily News Update: Friday, April 4, 2025 (Australia/Melbourne)Chinese group exploiting Ivanti RCE bug since mid-March to drop web shells; DNS Fast Flux increasingly used by cyber crims & nation-states; GitHub Supply Chain attack traced to leaked Access Token in a CI workflow; Oracle says breach is of legacy system - receipts show otherwise.
CISA: Fast Flux DNS Is a National Security Threat
Cyber actors are escalating use of fast flux DNS—a tactic that rapidly changes IP addresses and name servers tied to malicious domains—to evade detection and maintain resilient command-and-control infrastructure.
CISA’s latest advisory, backed by the NSA, FBI, and allies from Australia, Canada, and New Zealand, warns that this technique is:
・
Difficult to block with traditional defenses
・
Used in attacks by Hive, Gamaredon, and other advanced threats
・
Critical for botnet survival and ransomware delivery
ISPs and DNS providers are being called on to:
・Deploy Protective DNS (PDNS) services
・Develop analytics to detect fast flux behavior
・Share threat intelligence across sectors
This is a call to arms for defenders: if you’re not watching your DNS traffic closely, you’re blind to one of the most elusive forms of modern infrastructure abuse.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-093a
Friendly reminder that you should be blocking all newly registered domains for your end users. Free lists like the NRD (https://github.com/xRuffKez/NRD) exist. Microsoft Defender for Endpoint also has a built in list you can enable via policy.
IMO everyone should do 365 days but even 30 or 90 will save you so much headache.
#DNS #ThreatIntel #FastFlux
GitHubGitHub - xRuffKez/NRD: A daily updated list of newly registered domains from the past 14 and 30 days for blocking, monitoring and analysis.A daily updated list of newly registered domains from the past 14 and 30 days for blocking, monitoring and analysis. - xRuffKez/NRD
Dive into the world of DNS with our latest video! Just released: "What are AAAA Records?" If you're looking to expand the connections your web service or app has with IPv6, this video will teach you how AAAA Records map your domain to IPv6 addresses so that you can take advantage of the emerging technology.
https://youtu.be/4SGgO5MSQLg
DDoS Attacks (HTTP/2, DNS, Hacktivist)
This is Real World Technical Analysis
YouTube video: https://youtu.be/t2jKcA1OyBE
#Sponsored #cybersecurity #ddos #dos #DNS #http #tls #hack #hacker #hacking #cyber #internet Radware