- Malware: Tunneling Data and Commands Over DNS to Bypass Firewalls
Adversaries can tunnel command and control traffic through DNS queries to bypass firewalls, even when environments restrict outbound DNS to trusted servers. Tools like dnscat2 demonstrate how easily...
- Tools: Generating Domain Name Variations Used in Phishing Attacks
Phishing attackers register domain names similar to targeted organizations using techniques like bitsquatting, homoglyphs, letter repetition, transposition, and typos. Tools like dnstwist and...
- Malware: Conversation With a Tech Support Scammer
Tech support scammers use scareware web pages to convince visitors their PCs are infected, then employ consultative sales tactics when victims call for help. Representatives use legitimate remote...
- Social Networking: Scammers Prescreen Victims for Tech Support Scams via Twitter and Phone
Tech support scammers use Twitter bots to respond to public messages containing words like "virus" and "malware," inviting potential victims to call phone numbers where automated systems profile...
- Web Security: Free Online Tools for Looking up Potentially Malicious Websites
A curated list of free online tools for investigating potentially malicious websites, ranging from services that provide historical reputation data to those that examine URLs in real time. Options...
- Malware: Internet Noise and Malicious Requests to a New Web Server
A new web server with no public content immediately receives scans for open proxies, probes from potentially infected systems, and searches for phpMyAdmin vulnerabilities. These requests represent...