dns

July 9, 2019

THREAT RESEARCH

Sea Turtle Keeps on Swimming

By Danny Adamitis with contributions from Paul Rascagneres. Executive summary After several months of activity, the actors behind the “Sea Turtle” DNS hijacking campaign are not slowing down. Cisco Talos recently discovered new details that suggest they regrouped after we published our i…

April 23, 2019

THREAT RESEARCH

DNSpionage brings out the Karkoff

In November 2018, Cisco Talos discovered an attack campaign, called DNSpionage, in which threat actors created a new remote administrative tool that supports HTTP and DNS communication with the attackers’ command and control(C2). Since then, there have been several other public reports of addi…

April 17, 2019

THREAT RESEARCH

DNS Hijacking Abuses Trust In Core Internet Service

This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign,…

November 27, 2018

THREAT RESEARCH

DNSpionage Campaign Targets Middle East

This blog post was authored by Warren Mercer and Paul Rascagneres. Executive Summary Cisco Talos recently discovered a new campaign targeting Lebanon and the United Arab Emirates (UAE) affecting .gov domains, as well as a private Lebanese airline company. Based on our research, it’s clear that…

March 1, 2018

SECURITY

Debunking the myths of DNS security

For years, we’ve been pioneering the use of DNS to enforce security. We recognized that DNS was often a blind spot for organizations and that using DNS to enforce security was both practical and effective. Why? Because DNS isn’t optional. It’s foundational to how the internet works and and is used b…

July 11, 2016

NETWORKING

Cisco Umbrella Branch: the Fastest, Easiest Security for Branches

As an organization, providing secure guest and corporate Internet access at the branch can be a major challenge. Not only do you have to protect the enterprise, you also have to protect your customer. Protection is good… but it also needs to be simple to deploy, easy to manage, and integrates seamle…

June 9, 2016

SECURITY

Detection in Depth

Defense in depth is a well understood and widely implemented approach that can better secure your organization’s network. It works by placing multiple layers of defense throughout the network to create a series of overlapping and redundant defenses. If one layer fails, there will still be other defe…

January 22, 2016

SECURITY

Overcoming the DNS “Blind Spot”

[ed. note – this post was authored jointly by John Stuppi and Dan Hubbard] The Domain Name Service (DNS) provides the IP addresses of intended domain names in response to queries from requesting end hosts. Because many threat actors today are leveraging DNS to compromise end hosts monitoring D…

August 28, 2015

DATA CENTER

ACI and Infoblox DDI Deliver Highly Automated, Secure, Reliable Core Network Services

Modern demands  in virtualization, cloud, and the Internet of Things are shifting the network landscape and require advanced solutions to manage critical network services across physical, virtual, and cloud environments. Recently, I had the opportunity to speak with InfoBlox’s Chief Technology…