#NetworkScanning

DNS Tunneling Abuse Expands to Tracking & Scanning Victims

by

May 14, 2024 at 10:07AM Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver … Read more

Hackers use DNS tunneling for network scanning, tracking victims

by

May 13, 2024 at 01:56PM Threat actors use DNS tunneling to track targets’ interactions with phishing emails, scan networks for vulnerabilities, and bypass firewalls. They encode data in DNS queries using algorithms like Base16 or Base64. “TrkCdn” and “SecShow” campaigns demonstrate how attackers track victims and scan networks using DNS tunneling. Unit 42 recommends DNS … Read more