Tag: dns
-
Morphing Meerkat’s Phishing Tactics: Abusing DNS MX Records
A recent report has uncovered a sophisticated phishing operation that uses DNS techniques to tailor content to victims. First seen on securityonline.info Jump to article: securityonline.info/morphing-meerkats-phishing-tactics-abusing-dns-mx-records/
-
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Every week, someone somewhere slips up, and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches…
-
Morphing Meerkat phishing kits exploit DNS MX records
Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered a new phishing-as-a-service (PhaaS) platform that generated multiple phishing kits, called Morphing Meerkat, using DNS mail exchange (MX) records to deliver fake login pages and targeting over 100 brands. Threat actors are exploiting DNS techniques…
-
‘Morphing Meerkat’ spoofs 114 brands via DNS mail exchange records
First seen on scworld.com Jump to article: www.scworld.com/news/morphing-meerkat-spoofs-114-brands-via-dns-mail-exchange-records
-
New Morphing Meerkat Phishing Kit Exploits DNS to Spoof 100+ Brands
A recent analysis published by Infoblox reveals a sophisticated phishing operation, dubbed Morphing Meerkat, actively exploiting DNS vulnerabilities… First seen on hackread.com Jump to article: hackread.com/morphing-meerkat-phishing-kit-dns-spoof-brands/
-
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/morphing-meerkat-phishing-kits-target-over-100-brands/
-
Phishing-as-a-service operation uses DNS-over-HTTPS for evasion
A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat has been using the DNS over HTTPS (DoH) protocol to evade detection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phishing-as-a-service-operation-uses-dns-over-https-for-evasion/
-
Morphing Meerkat PhaaS Platform Spoofs 100+ Brands
A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/morphing-meerkat-phaas-platform/
-
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. “The threat…
-
UK NCSC offers security guidance for domain and DNS registrars
The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. >>DNS registrars … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/27/ncsc-offers-security-guidance-for-domain-and-dns-registrars/
-
7 cutting-edge encryption techniques for reimagining data security
Tags: ai, computer, cryptography, data, dns, encryption, government, ibm, identity, nist, office, privacy, risk, software, technology, training
Private information retrieval: Securing a database is fairly straightforward. Protecting the privacy of the users, however, is a bit more difficult. Private information retrieval algorithms make it possible for people to search the database for specific blocks of data without revealing too much to the database owner. This extra layer of protection relies on scrambling larger…
-
Getting the Most Value Out of the OSCP: The PEN-200 Labs
Tags: access, ai, attack, compliance, container, cyber, cybersecurity, dns, docker, exploit, firewall, guide, hacking, Hardware, infrastructure, intelligence, jobs, kubernetes, microsoft, mitigation, network, open-source, oracle, penetration-testing, powershell, risk, security-incident, service, siem, skills, technology, tool, training, vmware, vulnerability, windows
How to leverage the PEN-200 simulated black-box penetration testing scenarios for maximal self-improvement and career success. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been sponsored or incentivized in any way to recommend or oppose any…
-
DEF CON 32 Recon Village Pushing the Limits of Mass DNS Scanning
Speaker: Jasper Insinger. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/def-con-32-recon-village-pushing-the-limits-of-mass-dns-scanning/
-
Invisible C2, thanks to AI-powered techniques
Tags: ai, api, attack, breach, business, chatgpt, cloud, communications, control, cyberattack, cybersecurity, data, defense, detection, dns, edr, email, encryption, endpoint, hacker, iot, LLM, malicious, malware, ml, monitoring, network, office, openai, powershell, service, siem, soc, strategy, threat, tool, update, vulnerability, zero-trust
Just about every cyberattack needs a Command and Control (C2) channel, a way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk. LLMs can help attackers avoid signature-based detection. Traditionally, C2…
-
Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days
Microsoft Patch Tuesday security updates for March 2025 address 56 security vulnerabilities in its products, including six actively exploited zero-days. Microsoft Patch Tuesday security updates for March 2025 addressed 56 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server. This Patch…
-
What is DNS Hijacking: Detection, Prevention, and Mitigation
Discover how DNS hijacking works, explore real-world examples and discover effective ways to detect, prevent, and fix DNS hijacking with actionable strategies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/what-is-dns-hijacking-detection-prevention-and-mitigation/
-
Microsoft fixes Entra ID authentication issue caused by DNS change
Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company’s Seamless SSO and Microsoft Entra Connect Sync. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-entra-id-authentication-issue-caused-by-dns-change/
-
DNS Amplification Attacks: Examples, Detection & Mitigation
Discover DNS amplification attacks, examples, detection methods, and mitigation strategies to protect your network from DDoS threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/dns-amplification-attacks-examples-detection-mitigation/
-
Burp Suite Professional / Community 2025.2 Released With New Built-in AI Integration
PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions. Bug Fixes and Browser Updates: A notable bug fix corrects the display of source IP addresses for DNS requests over IPv6 in the…
-
The Rise of Typhoon Cyber Groups
Tags: access, attack, breach, communications, control, cyber, cyberattack, cybersecurity, data, defense, dns, endpoint, espionage, exploit, finance, government, group, infrastructure, intelligence, iot, military, monitoring, network, phone, resilience, supply-chain, tactics, threat, tool, vulnerability, zero-day
-
Real business domain abused for phishing attack
A few days ago, KnowBe4’s Threat Lab published a blog post presenting the results of its analysis of a rather unusual phishing campaign. What made it unusual: it was carried out via a real but compromised business domain. The attackers had managed to break into the DNS management console of a legitimate domain. There they created a subdomain and a TXT record, […] First…
-
BadDNS: Open-source tool checks for subdomain takeovers
BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules: cname: Check for dangling CNAME records … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/03/baddns-open-source-tool-check-domain-subdomain-takeover/
-
FBI Seizes Leading Hacking Forums Cracked.io and Nulled.to
Nulled.to, Cracked.to and Cracked.io, major hacking forums, appear seized by the FBI as DNS records point to FBI… First seen on hackread.com Jump to article: hackread.com/fbi-seizes-hacking-forums-cracked-to-nulled-to/
-
FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to
Nulled.to and Cracked.to, major hacking forums, appear seized by the FBI as DNS records point to FBI servers…. First seen on hackread.com Jump to article: hackread.com/fbi-seizes-hacking-forums-cracked-to-nulled-to/
-
Mastercard: Typo in DNS record goes undetected for years
Until recently, Mastercard had a typo in a DNS record. An attacker could have registered the wrong domain and intercepted traffic. First seen on golem.de Jump to article: www.golem.de/news/mastercard-tippfehler-in-dns-eintrag-bleibt-jahrelang-unentdeckt-2501-192683.html
-
QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features
Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks,” Walmart’s Cyber Intelligence team told The Hacker News. “The BackConnect(s) in use were ‘DarkVNC’ alongside…

