ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

December 11, 2024 at 09:42AM Cybersecurity researchers have identified an updated version of ZLoader malware, which now uses a DNS tunnel for communication. It features improved resilience against detection, interactive capabilities for attacks, and updates to evade analysis. ZLoader is increasingly linked to Black Basta ransomware, highlighting its role in facilitating cyberattacks.

DigiCert to Acquire Vercara

August 14, 2024 at 03:09PM DigiCert, backed by Clearlake, Crosspoint, and TA, will acquire Vercara from Golden Gate Capital and GIC. The acquisition will expand DigiCert’s capabilities to protect organizations from cyberattacks. The acquisition aims to provide customers with a unified DNS and certificate management experience, enhancing digital trust. The acquisition is expected to close this …

BIND Updates Resolve High-Severity DoS Vulnerabilities

July 25, 2024 at 09:09AM ISC announced BIND security updates to address four high-severity vulnerabilities (CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076) in the DNS software suite with a CVSS score of 7.5. These flaws could lead to server instability, performance degradation, CPU resource exhaustion, and unexpected termination of BIND’s component. The updates are available for BIND …

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

June 11, 2024 at 10:51AM Cybersecurity researchers have unveiled the activities of a Chinese threat actor called SecShow, targeting open DNS resolvers globally, potentially for malicious purposes. Meanwhile, a financially-motivated threat actor advertises a botnet service, Rebirth, targeting game servers for DDoS attacks. This reflects an increasing trend of cyber threats targeting gaming communities for …

‘Savvy Seahorse’ Hackers Debut Novel DNS CNAME Trick

February 28, 2024 at 09:07AM A new threat actor executes an innovative investment scam through a sophisticated traffic distribution system (TDS), leveraging the DNS to sustain ever-changing malicious domains. The scam impersonates major brands, luring victims through multilingual Facebook ads. The TDS, supported by CNAME records, provides resilience and evasion against takedowns, posing a significant …