WHOIS Your Daddy: Tracking Iranian-backed Cyber Operations with Passive DNS
Security BSides San Francisco via YouTube
Overview
Explore how passive DNS data can uncover sophisticated Iranian-backed cyber operations through domain infrastructure analysis in this 21-minute conference talk. Discover how a single unique name server connected to Iran-nexus cyber activity reveals an extensive network of malicious name servers with potential nation-state connections. Learn the methodologies for tracking cyber threat actors by examining how one typosquatting domain can be traced through passive DNS analysis to expose multiple name servers actively used for malware distribution. Gain insights into the interconnected nature of threat actor infrastructure and understand how domain registration patterns and DNS relationships can reveal the scope and scale of state-sponsored cyber campaigns targeting various organizations and sectors.
Syllabus
BSidesSF 2025 - WHOIS Your Daddy: Tracking Iranian-backed Cyber Operations...(Austin Northcutt)
Taught by
Security BSides San Francisco