Cisco Report: DNS Activity Shows Glut of Phishing, Trojans, More - Channel Futures

In today’s threat landscape, the idea that no one is an island holds true for threats.

A majority of Cisco customers encountered malicious DNS activity last year, with high percentages seeing phishing, malvertising, malicious spam, trojans and more.

Cisco’s Threat Trends: DNS Security report analyzed data from Cisco Umbrella, the company’s cloud-based network security platform.

DNS, or domain name system, connects browsers to websites. DNS can be an attractive mechanism for malicious activities.

Among the DNS activity findings: Users in 70% of organizations got malicious browser ads. Furthermore, 51% of organizations encountered ransomware-related activity. Another 48% found information-stealing malware activity.

Cisco's Ben Nahorney

Ben Nahorney is a threat intelligence analyst at Cisco Security.

“In today’s threat landscape, the idea that ‘no one is an island’ holds true for threats,” he said. “The most prevalent attacks these days leverage a variety of threats at different stages. For example, let’s look at how Emotet is often delivered by phishing in order to deploy Ryuk as a payload. If you find one threat within your network, it’s wise to investigate what threats have been observed working in tandem with it and take precautionary measures to prevent them from causing further havoc.”

Austin McBride is a data scientist at Cisco Umbrella.

“What I want to highlight most would be the growth in usage of multi-staged attacks,” he said. “If you get hit with Emotet, there is a good chance you could get hit with follow-up malware like ransomware. So, if you see Emotet or Ursnif/Gozi in your logs, you might want to be on the lookout for follow-up malware.”

Impact of Cryptomining

Cisco's Austin McBride

Cryptomining impacted some 69% of organizations. That means at least one endpoint within an organization attempted to mine cryptocurrency above a minimum threshold.

“Organizational impact depends on the extent of mining happening in that environment,” McBride said. “At its most basic level, cryptomining can reduce the life of your hardware, clog your bandwidth, and drive up your AWS compute costs depending on how the miner has been configured. In the worst-case scenario, a malicious actor infiltrated your environment and set up a miner to make passive income while they perused your environment for data to exfiltrate or to exploit your environment further with follow-up malware. Bottom line, if you see a lot of cryptomining traffic, you should investigate to avoid a potential indicator of compromise (IOC).”

Our slideshow above shows the list of malicious DNS activity.

"activity" - Google News
March 13, 2021 at 05:55AM
https://ift.tt/2Ot3qhV
