Angler Lurking in the Domain Shadows

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Transcript of Angler Lurking in the Domain Shadows

Page 1: Angler Lurking in the Domain Shadows

Angler Lurking in the Domain Shadows

Page 2: Angler Lurking in the Domain Shadows
Page 3: Angler Lurking in the Domain Shadows

Evasion Evolution Exploit Kit Evolution

• Static IP Address

• Registered Domains

• Fast Flux DNS

• Dynamic DNS

• Domain Shadowing

[Diagram: Fast Flux DNS, bad.domain.com with IP addresses 1.2.3.4, 4.1.2.3, 4.3.2.2]

[Diagram: Talos, Domain Shadowing: Hijacked Legit Domain]

Page 4: Angler Lurking in the Domain Shadows

Protecting the customer

• Cisco AMP & Network Security IDS & NGFW detected and blocked immediately

• Defense-in-Depth is still the best approach to protect your environment

• Expect this technique to increase in popularity

• For more information and posts visit http://blogs.cisco.com/talos

[Table: Product coverage (AMP, CWS, ESA, Network Security, WSA)]