Today’s columnist, Stu Sjouwerman of KnowBe4, points out that many of the new unknown vectors being discovered today are just old wine in new bottles. (Adobe Stock)
Hackers are employing Domain Name System tunneling to monitor phishing email interactions, scan networks for vulnerabilities, and bypass security measures, BleepingComputer reports.
DNS tunneling involves encoding data within DNS queries, allowing covert communication channels that exploit fundamental network protocols. Palo Alto Networks’ Unit 42 research team discovered several malicious campaigns using this method, including a campaign called “TrkCdn,” which tracks phishing email engagement through encoded DNS queries to attacker-controlled subdomains, and one known as “SpamTracker,” which tracks spam delivery.
Another campaign dubbed “SecShow” uses DNS tunneling to map network infrastructures, embedding IP addresses and timestamps in DNS queries to identify exploitable network flaws.
These methods enable attackers to bypass firewalls, evade detection, and maintain operational flexibility, making DNS tunneling an attractive alternative to traditional tracking and scanning tools. Unit 42 recommends implementing DNS monitoring tools to detect unusual traffic patterns and limiting DNS resolvers to essential queries, thereby reducing the risk of DNS tunneling exploits.
Laura French
The heap overflow flaws affect vSphere and Cloud Foundation and could enable RCE.
Steve Zurier
Security pros say legacy devices such as F5 BigIP load balancers have become a clear security risk across enterprises.
SC Staff
The Register reports that unsupported Microsoft SQL Servers are poised to increase from 19.8% to 32% early next month after the discontinuation of extended support for SQL Server 2014 instances.
On-Demand Event
By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.
Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms & Conditions.
About The Author
More Stories
Community-Centered Connectivity Initiatives Earn Viddy Awards Recognition
Zombie IXPs: The Four Types of Exchanges That Refuse to Die, but Fail to Live
The Shift in Peering Threatening the Internet’s Foundations