DNS, Phishing and Telecommunications - Cyber Security Informer

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

” The DNS part of that moniker refers to the global “ D omain N ame S ystem ,” which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage. PASSIVE DNS.

DNS

DNS Internet Internet Government

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US US phishing domains.US This is noteworthy because.US

Phishing

Phishing Telecommunications Government DNS

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS

DNS Telecommunications Malware Phishing

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing

Phishing Telecommunications Malware Scams

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

JANUARY 10, 2019

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS

DNS Telecommunications Government Encryption

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Security Affairs

SEPTEMBER 23, 2024

The threat actor used spear-phishing emails and exploited the recently patched GeoServer vulnerability CVE-2024-36401. Earth Baxia primarily targeted government agencies, telecommunication businesses, and the energy industry in the Philippines, South Korea, Vietnam, Taiwan, and Thailand. ” reads the report.

DNS

DNS Government Phishing Telecommunications

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

What are Common Types of Social Engineering Attacks?

eSecurity Planet

JULY 29, 2021

Social engineering can manifest itself across a wide range of cybersecurity attacks: Phishing Smishing Vishing Whaling Pharming Baiting Pretexting Scareware Deepfakes. Phishing is a broad category of social engineering attacks that specifically target most businesses’ primary mode of communication: email.

Social Engineering

Social Engineering Engineering Phishing DNS

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

The group’s distinctive features are the high quality of their phishing attacks and the use of legitimate services, which makes it very difficult to detect its malicious activity in companies’ infrastructures. The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work.

Banking

Banking Telecommunications Marketing Internet

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

OilRig APT group: the evolution of attack techniques over time

Security Affairs

AUGUST 7, 2019

The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. Indeed during the group_a, the main observed delivery techniques where about Phishing (rif.T1193) and Valid Accounts (rif.T1078).

Computers and Electronics

Computers and Electronics Penetration Testing DNS Phishing

Iranian Threat Actors: Preliminary Analysis

Security Affairs

JANUARY 15, 2020

If so we are facing a state-sponsored group with high capabilities in developing persistence and hidden communication channels (for example over DNS) but without a deep interest in exploiting services. The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors.”

Computers and Electronics

Computers and Electronics Penetration Testing Malware Government

Cyber Security Informer

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Why is.US Being Used to Phish So Many of Us?

Trending Sources

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

US Harbors Prolific Malicious Link Shortening Service

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

For nearly a year, Brazilian users have been targeted with router attacks

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

What are Common Types of Social Engineering Attacks?

Group-IB presents its annual report on global threats to stability in cyberspace

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

OilRig APT group: the evolution of attack techniques over time

Iranian Threat Actors: Preliminary Analysis

Stay Connected