Good example why your security team needs real-time dns logs.
“... Here’s a simple illustration: If criminals assign www.uniquedomain.org a set of IP addresses that change every 150 seconds, users who access www.uniquedomain.org are actually connecting to different infected machines every single time...”
https://twitter.com/malwarebytes/status/940884072649445377?s=21
No comments:
Post a Comment