Domain name system (DNS) tunneling is a pervasive threat that enables hackers to get any data in and out of a company’s internal network while bypassing most firewalls. The domain name system translates domain names into the numeric internet protocol (IP) addresses that browsers use to load web pages; threat actors use tunneling to exploit this process and steal data by hiding it inside DNS traffic.
Most DNS attacks focus on spoofing or misdirection, where an attacker either feeds false information to DNS servers or convinces other systems to query a hostile DNS server instead of a legitimate one. But DNS tunneling essentially smuggles hostile traffic through DNS ports, which makes these attacks difficult to detect and mitigate.
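Because tunneled data rides inside the queried names, one common detection heuristic is to look for domains that receive many long, random-looking subdomains. The sketch below is an added example, not code from the article; the sample queries, thresholds and function names are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample of (client, queried name) pairs; not real traffic.
SAMPLE_QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.6", "api.example.com"),
    ("10.0.0.6", "d1a2b3c4.cdn.example.net"),
    ("10.0.0.9", "k7q2m9x4b6t1z8w3c5v0n2j4h6g8f1d3.tunnel-test.invalid"),
    ("10.0.0.9", "p3r8s1u6y0a5e9i4o2l7k3m8b1n6c0d5.tunnel-test.invalid"),
    ("10.0.0.9", "w9x2y7z4a1b8c3d6e0f5g9h2j7k4m1n8.tunnel-test.invalid"),
]

# Assumed starting thresholds; tune against your own baseline traffic.
MIN_UNIQUE_SUBDOMAINS = 3
MIN_MEAN_LENGTH = 30
MIN_ENTROPY_BITS = 3.5


def shannon_entropy(text):
    """Bits per character of the character distribution in text."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())


def find_tunnel_candidates(queries):
    """Return {base_domain: stats} for domains whose subdomains look like encoded data."""
    subdomains = defaultdict(set)
    for _client, name in queries:
        labels = name.lower().rstrip(".").split(".")
        if len(labels) < 3:
            continue  # no subdomain part to inspect
        # Simplification: treat the last two labels as the registered domain.
        subdomains[".".join(labels[-2:])].add("".join(labels[:-2]))
    flagged = {}
    for domain, subs in subdomains.items():
        mean_len = sum(map(len, subs)) / len(subs)
        entropy = shannon_entropy("".join(subs))
        if (len(subs) >= MIN_UNIQUE_SUBDOMAINS and mean_len >= MIN_MEAN_LENGTH
                and entropy >= MIN_ENTROPY_BITS):
            flagged[domain] = {"unique": len(subs), "mean_len": mean_len,
                               "entropy": round(entropy, 2)}
    return flagged


if __name__ == "__main__":
    print(find_tunnel_candidates(SAMPLE_QUERIES))
```

In production, replace the last-two-labels shortcut with a public suffix list lookup and expect to allowlist services that legitimately use long generated hostnames.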
In my last CSO article, I looked at a few challenges related to enterprise threat intelligence programs. Security pros pointed to issues like dealing with too many manual processes, sorting through noisy threat intelligence feeds, establishing clear ROI benefits, and managing threat intelligence programs that are little more than an academic exercise for the cyber-threat intelligence (CTI) team.
6 phases of an effective threat intelligence program
Given these pervasive challenges, it’s logical to ask: What does a strong threat intelligence program look like? While different organizations may answer this question with their own unique perspective, one common trait is that successful CTI programs follow an established threat intelligence lifecycle across six phases. (Note: Some threat intelligence lifecycle models are composed of five phases as they combine items 5 and 6 below):
Fixed issue with possible hang on malformed inputs (CVE-2023-29479).
Fixed issue where in some cases, secret keys remain unlocked after use (CVE-2023-29480).