Sign up to save your podcasts
Or
Share Threat Hunting Malware Communication over DNS
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Threat Hunting Malware Communication over DNS
Are attackers hiding in your DNS traffic right now?
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –Â
https://poweredbybhis.com
Chapters
- (00:00) - Intro - Threat Hunting Malware Communication over DNS
Join instructor Faan Rossouw for a free one-hour training on hunting malware that uses DNS as a covert communication channel.
C2 frameworks, RATs, and backdoors frequently exploit DNS to stay hidden - sometimes for months. High-profile attacks like SolarWinds' Sunburst demonstrate just how devastating undetected DNS exfiltration can be.
This Antisyphon Anti-Cast focuses on behavior-based threat hunting techniques that go beyond signatures to uncover suspicious DNS activity attackers think they've hidden.
You'll learn how to:
* Recognize network artifacts that DNS tunneling produces
* Identify anomalies in DNS record types that signal malicious use
* Leverage open-source tools like Zeek, RITA, and Sysmon to detect malware abusing DNS
* Build detection strategies that make it very hard for DNS-based threats to remain hidden
If you're ready to stop trusting DNS and start verifying it, this session will give you the practical skills to hunt what's lurking in your network.
Brought to you by:
Black Hills Information SecurityÂ
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
View all episodes
By Antisyphon TrainingAre attackers hiding in your DNS traffic right now?
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –Â
https://poweredbybhis.com
Chapters
- (00:00) - Intro - Threat Hunting Malware Communication over DNS
Join instructor Faan Rossouw for a free one-hour training on hunting malware that uses DNS as a covert communication channel.
C2 frameworks, RATs, and backdoors frequently exploit DNS to stay hidden - sometimes for months. High-profile attacks like SolarWinds' Sunburst demonstrate just how devastating undetected DNS exfiltration can be.
This Antisyphon Anti-Cast focuses on behavior-based threat hunting techniques that go beyond signatures to uncover suspicious DNS activity attackers think they've hidden.
You'll learn how to:
* Recognize network artifacts that DNS tunneling produces
* Identify anomalies in DNS record types that signal malicious use
* Leverage open-source tools like Zeek, RITA, and Sysmon to detect malware abusing DNS
* Build detection strategies that make it very hard for DNS-based threats to remain hidden
If you're ready to stop trusting DNS and start verifying it, this session will give you the practical skills to hunt what's lurking in your network.
Brought to you by:
Black Hills Information SecurityÂ
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com