Cyber Defense eMagazine February Edition for 2023
Cyber Defense eMagazine February Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
In response to North Korean state-sponsored (Lazarus) crypto attacks also in April, the FBI, CISA and the U.S. Treasury Department issued a joint alert advising organizations to have a robust domain security solution in place that includes leveraging reputation checks and closely monitoring or blocking newly registered domains (NRDs) in enterprise traffic.
More recently, the FBI issued an alert in May about Business Email Compromise (BEC), stressing the importance of strong DNS layer security to combat phishing attacks. All of this follows previous government agency directives urging organizations to take actions to bolster DNS security.
DNS is the Internet protocol that translates host names, like www.amazon.com, into IP addresses. It's the phone book of cyberspace, and an organization’s weakest network link. Security officials’ increased focus on DNS layer protection comes as no surprise today, as more than 78% of breaches involve the DNS layer.
DNS Threats on the Rise: Targeted Phishing and Malware Tactics
The DNS layer is ripe for exploitation from a hacker’s perspective. Attackers will set up their trap, commonly in the form of malware, ransomware, and phishing scams. Then they rely on DNS servers to connect unwitting victims to malicious content.
We have seen significant increases across threat types in 2022 from our global network processing more than 1 trillion queries a month. It paints a picture of targeted phishing and malware tactics.
• 200% increase in malware traffic
• 300% increase in phishing traffic
• 1200% increase in botnet traffic
• Deceptive sites that leverage the term “gov” have increased nearly 5x. The start of the “gov” domain traffic spike aligned with the start of the Russian invasion of Ukraine
• Phishing traffic to German sites (.de) increased 125% at the end of March. Germany continues to have one of the most-used country code top-level domains (ccTLDs) for malicious domains
• At the end of April, malicious websites with “health” in the name rose 218%
• A 318% spike in malicious traffic using “bank” in the domain name. Threat actors eying banks, or bank patrons, isn’t a surprise as the banking industry saw a 1318% increase in ransomware attacks in 2021.
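
An added example, not from the article or from DNSFilter: one way to triage resolver logs along the lines of the joint alert's advice to monitor or block newly registered domains, escalating an NRD to a block when its name carries one of the lure terms listed above. The 30-day window, the registration feed, the log format and every domain shown are constructed assumptions.

```python
from datetime import date

NRD_WINDOW_DAYS = 30                      # assumed policy threshold, tune locally
LURE_TERMS = ("gov", "bank", "health")    # terms the article reports in deceptive domains

# Constructed registration feed: registrable domain -> creation date.
CREATED = {
    "intranet-tools.example": date(2015, 3, 2),
    "citybank-history.example": date(2009, 6, 11),
    "gov-relief-claims.example": date(2022, 4, 18),
    "fresh-cdn.example": date(2022, 4, 25),
}

# Constructed resolver log lines: "<date> <client> <qname>".
LOG = """\
2022-05-02 10.0.0.5 www.intranet-tools.example
2022-05-02 10.0.0.7 login.gov-relief-claims.example
2022-05-02 10.0.0.7 assets.fresh-cdn.example
2022-05-02 10.0.0.9 citybank-history.example
2022-05-02 10.0.0.9 unknown-host.test
"""

def registrable(qname, feed):
    """Return the longest suffix of qname present in the feed, or None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in feed:
            return candidate
    return None

def verdict(line, feed=CREATED):
    """Classify one log line as allow / monitor / block / review."""
    day, _client, qname = line.split()
    domain = registrable(qname, feed)
    if domain is None:
        return "review"                   # no registration data: needs a reputation lookup
    age = (date.fromisoformat(day) - feed[domain]).days
    if age > NRD_WINDOW_DAYS:
        return "allow"                    # old domain: a lure term alone is not a signal
    name = domain.split(".")[0]
    return "block" if any(t in name for t in LURE_TERMS) else "monitor"

def triage(log=LOG):
    return [(l.split()[2], verdict(l)) for l in log.splitlines() if l.strip()]

if __name__ == "__main__":
    for qname, v in triage():
        print(f"{v:8} {qname}")
```

The suffix walk stands in for a proper public-suffix lookup, which a production resolver policy would need for names under multi-label suffixes.
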
In addition to malware, phishing, ransomware, and other cyber attacks, common DNS-related threats include cryptocurrency and associated threats such as the North Korean crypto attacks. When cryptocurrency made a comeback in 2020, security was impacted in a major way because threat actors saw a new opportunity for compromise. Ransomware payments are made with cryptocurrency, because they are on the blockchain anonymously and can’t be traced.
Among the common DNS-based cryptocurrency-related threats are typosquatting domains, phishing domains, cryptojacking, mining pools and DNS poisoning. According to DNSFilter’s 2021 threat
Cyber Defense eMagazine – February 2023 Edition 140
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.