topic Hackers use DNS tunneling for network scanning, tracking victims in Threats https://community.isc2.org/t5/Threats/Hackers-use-DNS-tunneling-for-network-scanning-tracking-victims/m-p/70327#M1196 <P>Hi All</P><P>&nbsp;</P><P>Threat actors&nbsp;are using&nbsp;Domain Name System (DNS) tunneling to track when their targets open phishing emails&nbsp;and click&nbsp;on malicious links, and&nbsp;to&nbsp;scan networks for potential vulnerabilities.</P><P>DNS tunneling&nbsp;is the encoding of&nbsp;data or commands that are sent and retrieved via DNS queries, essentially turning DNS, a fundamental network communication component, into a covert communications channel.</P><P>The threat actors encode the data in various ways, such as&nbsp;<A href="https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling/" target="_blank" rel="nofollow noopener">Base16 or Base64</A>&nbsp;or custom textual encoding algorithms, so they can&nbsp;be returned&nbsp;when querying DNS records, such as TXT, MX, CNAME, and Address records.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/hackers-use-dns-tunneling-for-network-scanning-tracking-victims/" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-use-dns-tunneling-for-network-scanning-tracking-victims/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 14 May 2024 00:44:22 GMT Caute_cautim 2024-05-14T00:44:22Z Hackers use DNS tunneling for network scanning, tracking victims https://community.isc2.org/t5/Threats/Hackers-use-DNS-tunneling-for-network-scanning-tracking-victims/m-p/70327#M1196 <P>Hi All</P><P>&nbsp;</P><P>Threat actors&nbsp;are using&nbsp;Domain Name System (DNS) tunneling to track when their targets open phishing emails&nbsp;and click&nbsp;on malicious links, and&nbsp;to&nbsp;scan networks for potential vulnerabilities.</P><P>DNS tunneling&nbsp;is the encoding of&nbsp;data or commands that are sent and retrieved via DNS queries, essentially turning DNS, a fundamental network communication component, into a covert communications channel.</P><P>The threat actors encode the data in various ways, such as&nbsp;<A href="https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling/" target="_blank" rel="nofollow noopener">Base16 or Base64</A>&nbsp;or custom textual encoding algorithms, so they can&nbsp;be returned&nbsp;when querying DNS records, such as TXT, MX, CNAME, and Address records.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/hackers-use-dns-tunneling-for-network-scanning-tracking-victims/" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-use-dns-tunneling-for-network-scanning-tracking-victims/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 14 May 2024 00:44:22 GMT https://community.isc2.org/t5/Threats/Hackers-use-DNS-tunneling-for-network-scanning-tracking-victims/m-p/70327#M1196 Caute_cautim 2024-05-14T00:44:22Z