DNS hijacking is a worrisome threat for all Internet users and seems to be on the rise. There’s a new (free) tool from the National Cyber Security Centre to help businesses simulate and test their cyber attack responses.

For more articles, check out our #onpatrol4malware blog.

DNS hijacking

DNS Hijacking Abuses Trust In Core Internet Service

Source: Talos

This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. Read more.

DNS hijacking

GoDaddy Shutters 15,000 Subdomains Tied to ‘Snake Oil’ Scams

Source: Threatpost

Researchers at the security firm Palo Alto Networks worked with […] GoDaddy to shut down 15,000 subdomains pitching ‘snake oil’ products and other scams. Read more.

DNS hijacking

Exercise in a Box

Source: National Cyber Security Centre

Exercise in a Box is an online tool from the NCSC which helps organisations test and practise their response to a cyber attack. It is completely free and you don’t have to be an expert to use it. Read more.

Windows updates

New cryptocurrency malware hijacks China’s enterprises to mine Monero

Source: TNW

A dangerous new wave of cryptocurrency mining malware has struck the internet, and it has already infected {…] enterprises across Asia. Read more.

DNS hijacking

TA505 Spear Phishing Campaign Uses LOLBins to Avoid Detection

Source: BleepingComputer

The TA505 hacking group ran a spear phishing campaign targeting a financial institution during April with the help of a signed version of the ServHelper backdoor and a number of LOLBins…. Read more.

Windows updates

A new variant of HawkEye stealer emerges in the threat landscape

Source: Security Affairs

New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. It has been under active development since at least 2013. Read more.

DNS hijacking

P2P Weakness Exposes Millions of IoT Devices

Source: KrebsonSecurity

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to…. Read more.