WHOIS Your Daddy: Tracking Iranian-backed Cyber Operations with Passive DNS
Security BSides San Francisco via YouTube
Overview
Explore how passive DNS data can uncover sophisticated Iranian-backed cyber operations through domain infrastructure analysis in this 21-minute conference talk. Discover how a single unique name server connected to Iran-nexus cyber activity reveals an extensive network of malicious name servers with potential nation-state connections. Learn the methodologies for tracking cyber threat actors by examining how one typosquatting domain can be traced through passive DNS analysis to expose multiple name servers actively used for malware distribution. Gain insights into the interconnected nature of threat actor infrastructure and understand how domain registration patterns and DNS relationships can reveal the scope and scale of state-sponsored cyber campaigns targeting various organizations and sectors.
Syllabus
BSidesSF 2025 - WHOIS Your Daddy: Tracking Iranian-backed Cyber Operations...(Austin Northcutt)
Taught by
Security BSides San Francisco