Mastodon Chapril

3 messages3 participants0 message aujourd’hui

Alejandro BaezI know people like using wildcard domains, but don't.🫠 They're a constant attack vector. Newest callrd <a href="https://fosstodon.org/tags/fastflux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fastflux</a> even uses MX to do discovery. Very clever. Terrible if impacted. ⚰️ <a href="https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/</a>

Quad9DNS<a href="https://mastodon.social/tags/FastFlux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FastFlux</a> is back again!<a href="https://mastodon.social/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://www.bleepingcomputer.com/news/security/cisa-warns-of-fast-flux-dns-evasion-used-by-cybercrime-gangs/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-of-fast-flux-dns-evasion-used-by-cybercrime-gangs/</a>

PrivacyDigest<a href="https://mas.to/tags/NSA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSA</a> warns “fast flux” threatens national <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>. What is fast flux anyway?A technique that hostile nation-states & financially motivated <a href="https://mas.to/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> groups are using to hide their operations poses a threat to critical <a href="https://mas.to/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> & national security, the NSA has warned.The technique is known as <a href="https://mas.to/tags/FastFlux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FastFlux</a>. It allows decentralized networks operated by threat actors to hide their infrastructure and survive takedown attempts that would otherwise succeed <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a><a href="https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/</a>

IT NewsNSA warns “fast flux” threatens national security. What is fast flux anyway? - A technique that hostile nation-states and financially motivated ransomwar... - <a href="https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/04/nsa-warns-that-overlooked-botnet-technique-threatens-national-security/</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://schleuss.online/tags/fastflux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fastflux</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>&it

The New Oil<a href="https://mastodon.thenewoil.org/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a> warns of <a href="https://mastodon.thenewoil.org/tags/FastFlux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FastFlux</a> <a href="https://mastodon.thenewoil.org/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> evasion used by <a href="https://mastodon.thenewoil.org/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> gangs<a href="https://www.bleepingcomputer.com/news/security/cisa-warns-of-fast-flux-dns-evasion-used-by-cybercrime-gangs/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-of-fast-flux-dns-evasion-used-by-cybercrime-gangs/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

David J. Bianco (He/Him)In case you're not up-to-speed on what <a href="https://infosec.exchange/tags/FastFlux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FastFlux</a> <a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> is, it's part of the arms race between attackers and defenders:THREAT ACTOR: This is my C2 IP BLUE TEAMER: Blocked at the firewallTA: Ok, well then, here's my C2 domain. I've rented 50k botnet nodes to use as proxies to my real C2 infrastructure, and I'm going to keep changing the IP the domain points to basically forever. Good luck blocking that. [FAST FLUX] BT: Blocked the domain's nameserver's IPs at the firewall🧵 <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

greyFriendly reminder that you should be blocking all newly registered domains for your end users. Free lists like the NRD (<a href="https://github.com/xRuffKez/NRD" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/xRuffKez/NRD</a>) exist. Microsoft Defender for Endpoint also has a built in list you can enable via policy.IMO everyone should do 365 days but even 30 or 90 will save you so much headache. <a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/FastFlux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FastFlux</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#fastflux