Home Resources Blog New Credential-Theft Attack Weaponizes DNS

New Credential-Theft Attack Weaponizes DNS

Francesco Altomare, Southern Europe Regional Manager @ GlobalDots
02.09.2019
image 1 Min read

The recently discovered campaign sends stolen data out of the network as part of a DNS query.

A new credential-theft attack campaign is using DNS to exfiltrate data. The campaign, which uses an illicit SSH client to gather the credentials, sends the purloined data to a pair of command-and-control (C2) servers.

Researchers at Alert Logic have found activity from this campaign dating back to August 9. In the attack, the malicious SSH client captures login credentials and sends the data to the C2 server as part of a DNS query, not likely to be automatically stopped by standard network protection systems.

dns hijacking

Read more: Dark Reading

dns

Learn More

Long-Term LastPass Breach Sounds Alarm For Static Credentials
Identity & Access Management (IAM)
Long-Term LastPass Breach Sounds Alarm For Static Credentials
Francesco Altomare, Southern Europe Regional Manager @ GlobalDots 02.03.23

LastPass’ password management service has introduced millions of users to the convenience and security of unique passwords. Across mobile and browser, LastPass promises a near-passwordless experience for millions of individuals and over 100,000 businesses. However, recent news threatens to drop a bombshell on credential-based security.  The Year-Long LastPass Dual Breach  In August 2022, LastPass released […]

Read more
You’ll Need Zero Trust, But You Won’t Get It with a VPN
SD-WAN and SASE
You’ll Need Zero Trust, But You Won’t Get It with a VPN
Francesco Altomare, Southern Europe Regional Manager @ GlobalDots 12.01.23

Properly implemented, a zero trust architecture provides much more granular and effective security than legacy security models. However, this is only true if a zero trust initiative is supported with the right tools. Legacy solutions, such as virtual private networks (VPNs), lack the capabilities necessary to implement a zero trust security strategy. Zero Trust Security is […]

Read more
4 Ways Where Remote Access VPNs Fall Short
SD-WAN and SASE
4 Ways Where Remote Access VPNs Fall Short
Francesco Altomare, Southern Europe Regional Manager @ GlobalDots 09.01.23

The Global Content Delivery Network (CDN) market is expected to grow by $42.4 billion between now and 2032.

Read more
Back to Resources
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo