All connected devices rely on the Domain Name System (DNS), which translates human-readable hostnames into network-routable IP addresses. But two recent attack campaigns, primarily in the Middle East and North Africa, have focused on redirecting requests and hijacking DNS as a mechanism to achieve their wider goals, and they demonstrate the risk posed when DNS integrity is compromised.
In a 2018 blog post, “DNSpionage Campaign Targets Middle East”, Talos research outlined the delivery method used to compromise targeted systems in the first of these campaigns, along with a walkthrough of how valid domains were maliciously redirected. In an update on April 17 of this year, Talos shared further research on a separate campaign (dubbed “Sea Turtle”) that is directly targeting registrars and has wider risk implications.
Martin Lee will join Sean Frazier in this detailed session describing the findings of his research, and they will then discuss how zero-trust principles can help organizations reduce their risk from similar attacks.
Sean Frazier has spent 25 years in technology, most of those years working in cyber security in the public sector with companies like Netscape, Loudcloud/Opsware, Bluebox and MobileIron.