menu
techminis

A naukri.com initiative

google-web-stories
source image

Infoblox

4d

read

283

img
dot

Image Credit: Infoblox

2024 DNS Threat Landscape

  • DNS-sourced threats are evolving with new evasion and stealth techniques that bypass security controls.
  • In 2024, Infoblox added 20 million new indicators and provided an average of 63 days of protection before a malicious domain was actively used.
  • Registered Domain Generation Algorithm (RDGA) is used by adversaries to create numerous domain names, which was the top technique seen in 2024.
  • Lookalike domain names were discovered during key events like the Olympics and elections in 2024.
  • Traffic Distribution Systems (TDSs) allow actors to target specific audiences making them the second most important technique seen.
  • Actors are exploiting the effectiveness of sitting duck attacks, which involve hijacking domains for their positive reputation.
  • DNS tunneling is being used by malicious actors to bypass firewalls and exfiltrate data most of whom remain undetected.
  • The Muddling Meerkat actor may be linked to a nation-state nexus that probes DNS networks through open resolvers.
  • Malicious usage of DNS remains underreported in the security industry, and organizations should include protection against the malicious usage of domains as part of the enterprise defense-in-depth strategy.
  • Infoblox enables security teams to block over 75% of malicious domains before victim interaction.

Read Full Article

like

17 Likes

For uninterrupted reading, download the app