Tens of thousands of websites worldwide are infected with malware that utilizes the Domain Name System (DNS) to conditionally redirect visitors to malicious content. These DNS requests are made server-side, meaning from the website itself, and are not visible to the visitor. We have tracked the threat actor that operates this malware since August 2023. […] The post Detour Dog: DNS Malware Powers Strela Stealer Campaigns appeared first on Infoblox Blog.| Infoblox Blog
Turning DNS Intelligence Into Real-time Defense: In today’s high-speed digital world, security teams are under pressure to move fast. They need to detect, respond to and remediate threats with precision and urgency. The integration of Infoblox Threat Defense™ with Rapid7 Nexpose and InsightVM delivers exactly that. It brings together predictive threat intelligence, DNS-based analytics and […] The post Supercharge Cyber Resilience with Infoblox + Rapid7 Integration appeared first on Infob...| Infoblox Blog
Introduction: Over the past few months, in conversations I’ve had with enterprises running workloads across multiple regions and hybrid clouds, one theme kept coming up: DNS keeps biting them. Everyone wants the same thing: consistent, resilient DNS services that “just work” everywhere. But when you start layering in multi-cloud topologies, global reach and the need […] The post Delivering Anycast DNS in AWS with Infoblox Universal DDI™ and AWS Cloud WAN appeared first on Infoblox Blog.| Infoblox Blog
AI-Driven Cyber Threats is the New Normal: Cybercrime is accelerating at an unprecedented pace. Global damages are projected to soar to $23 trillion by 2027, and threat actors are using AI to make attacks more prolific, stealthy and evasive. Attackers can now generate unique, one-time-use malware that renders traditional defense insufficient. To effectively defend against […] The post Infoblox and Google Cloud: Delivering Preemptive DNS Security appeared first on Infoblox Blog.| Infoblox Blog
DNS analysis links Vane Viper's AdTech abuse to AdTech Holding and PropellerAds, delivering malware through fake software, APKs, and redirects.| Infoblox Blog
Discover Infoblox Tokens—flexible, preemptive security licensing for Threat Defense, SOC Insights, Dossier, and hybrid cloud environments.| Infoblox Blog
Welcome to Infoblox Blogs. Here, we share our thoughts on market trends and technology best practices on all aspects of core networking and security.| Infoblox Blog
Learn how VexTrio Viper adapts to industry reporting and about the role of Infoblox Threat Intel in identifying and responding to these changes. Despite their adaptations, VexTrio Viper is still detectable.| Infoblox Blog
DNS threat actor VexTrio runs a large-scale criminal affiliate program including ClearFake and SocGholish actors.| Infoblox Blog
Infoblox describes a tactical change in VexTrio cyber campaigns that involves a DNS-based traffic distribution system and why it will bypass many detection systems.| Infoblox Blog
Protective DNS Challenges: Preemptively blocking connections to threat-related domains is a highly attractive opportunity for security teams of all sizes—one also promoted by standardization bodies like the National Institute of Standards and Technology (NIST), with the latest version of NIST Special Publication (SP) 800-81 Revision 3 serving as a key proof point. The technology enabling […] The post Operationalize Protective DNS Step-by-Step appeared first on Infoblox Blog.| Infoblox Blog
In today’s interconnected enterprise environments, the stability and security of network services and infrastructure directly impact business continuity and resilience. Among the most critical yet often overlooked components of the network are Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) services. These services form the foundation upon which virtually all digital operations depend. […] The post Rethinking Critical Infrastructure: The Strategic Case for Decoupli...| Infoblox Blog
“Yes, you are blocking … but what device? Firewall? Laptop? Server? We are spending too much time on research instead of immediately actionable data.” — Director of SecOps, Insurance (fictionalized quote based on real feedback) Security teams are not short on alerts, but what they truly lack is clarity. The real challenge is not just […] The post Unlocking Instant Visibility on Impacted Assets with Asset Workspaces: SOC Transformation Starts Here appeared first on Infoblox Blog.| Infoblox Blog
This is the third in a three-part, in-depth report covering nearly a year of research into VexTrio. To learn more about the people and entities involved, see the first part here. To learn about VexTrio’s activities, see here. VexTrio domains and references from this research can be found in our GitHub repository. In the first […] The post Inside the Robot: Deconstructing VexTrio’s Affiliate Advertising Platform appeared first on Infoblox Blog.| Infoblox Blog
This is the second in a three-part, in-depth report covering nearly a year of research into VexTrio. To learn more about the people and entities involved, see the first part here. To learn about VexTrio’s infrastructure and technology stack, see here. VexTrio domains and references from this research can be found in our GitHub repository. […] The post VexTrio Unmasked: A Legacy of Spam and Homegrown Scams appeared first on Infoblox Blog.| Infoblox Blog
In today’s cybersecurity landscape, security operations teams face a perfect storm of challenges—escalating threat volumes, fragmented tools, complex UIs and overwhelming amounts of data. As a result, identifying and responding to threats quickly and effectively has become increasingly difficult, especially for resource-constrained teams in all types of organizations, big and small. Enter Infoblox Security Workspace, […] The post Operationalizing Preemptive Security: Easily Understand y...| Infoblox Blog
In its recent Advisory AA25‑203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.| Infoblox Blog
Often referred to as the “phonebook of the internet,” DNS translates domain names into IP addresses, allowing us to navigate the web. Its fundamental role in internet communication means DNS traffic routinely passes through corporate firewalls with minimal inspection.| Infoblox Blog
A cabal of Russian-nexus adtech companies are the cybercriminal choice to drive users to scams and malware from millions of compromised sites.| Infoblox Blog
The adverse impact of visiting compromised domains that integrate malicious adtech.| Infoblox Blog
Russian threat actors combine domain name vulnerabilities with hidden router proxy techniques to scale their attacks while remaining shielded from detection.| Infoblox Blog
Discover how Infoblox Threat Intel uncovered widespread usage of malicious spam and domain spoofing from Chinese actors. Learn about the tactics and gain insights into how threat actors bypass security safeguards.| Infoblox Blog
The VexTrio DDGA is being used by malicious actors who take advantage of cheap, private domain registrations to create complex attack infrastructure that remains undetected for a long time. Learn about it in this comprehensive report.| Infoblox Blog
Learn about the insidious DNS attack vector that threat actors are using to hijack domains from major brands, government institutions, and other organizations, large and small. Find out how to determine whether your domain name is at risk.| Infoblox Blog
Infoblox Threat Intel exposes registered DGAs (RDGAs), the novel DGAs used by threat actors like Revolver Rabbit to deliver XLoader, Hancitor, and other malware| Infoblox Blog