Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the specialized world of DNS-based cybersecurity through this 25-minute conference presentation that introduces Infoblox's Threat Intelligence team and their unique approach to threat detection. Learn how DNS expertise enables superior security protection as the presenter examines the evolving threat landscape and emerging attack vectors. Discover Infoblox's original intelligence methodology, including their reputation system that analyzes newly registered domains and clusters suspicious ones based on registration patterns and name server behavior. Understand how human researchers investigate these clusters to identify and track threat actors, building robust signatures that follow adversaries as they adapt their tactics. Gain insights into the "protection before impact" approach, where 75% of malicious domains are identified before any customer queries are made, achieved by observing threat actor infrastructure as it's being built. Delve deep into the growing threat of malvertising and sophisticated Traffic Distribution Systems (TDS) that function like legitimate ad-tech platforms while serving malicious content. Examine how these systems use cloaking techniques to profile visitors and redirect them to scams, info-stealers, or fake software updates based on specific criteria. Learn about major threat actors like Vextrio (Los Pollos), a sophisticated cartel running massive TDS operations, and explore the persistent challenges of lookalike domains across 1,300+ top-level domains. Discover advanced command-and-control techniques where compromised websites use DNS text records to covertly fetch malicious redirect URLs, illustrating the complexity of modern threats and the critical role of specialized DNS protection in disrupting attack chains.
