<ul><li>On August 29, 2024, RansomHub Ransomware advisory was issued by FBI, CISA, MS-ISAC, and HHS.</li><li>RansomHub emerged in February 2024 and targeted various critical infrastructure sectors.</li><li>It is a ransomware-as-a-service variant with high-profile affiliates from other ransomware variants.</li><li>Double-extortion model is used by RansomHub affiliates, encrypting systems and exfiltrating data.</li><li>Infoblox Threat Intel identified the RansomHub IOCs and protected the customers running blocking mode using high-risk feeds.</li><li>DNS Indicators of Compromise (IOCs) can reveal a wide range of malicious activities and provide early indicators of compromise.</li><li>Infoblox Threat Intel uses proprietary techniques to identify potentially malicious domains much earlier.</li><li>Infoblox threat data minimizes false positives, so you can be confident in what you are blocking.</li><li>To learn more about Infoblox Threat Defense visit www.infoblox.com.</li><li>To learn more about protective DNS guidance visit the provided link.</li></ul>

DNS Early Detection – RansomHub – Breaking the Kill Chain

Discover more