Iron Castle Systems

Skip to content

VMware
AWS
Powershell
Security
Projects
Misc.
Client Access
About

Search for:

Noticing command and control channels by reviewing DNS protocols, (Mon, Nov 13th)

November 13, 2023 David Leave a comment

This post was originally published on this site

Malicious software pieces installed in computers call home. Some of them can be noticed because they perform DNS lookup and some of them initiates connection without DNS lookup. For this last option, this is abnormal and can be noticed by any Network Detection and Response (NDR) tool that reviews the network traffic by at least two weeks.

Post navigation

Previous PostVisual Examples of Code Injection, (Thu, Nov 9th)Next Post#StopRansomware: Rhysida Ransomware

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

VMware

Datastore - VMName-flat.vmdk keeps on expanding April 19, 2024
I want to remove the last esxi 7 host with VDS from a cluster April 19, 2024
VMesxi8.0.2 - No compatible network adapter found April 19, 2024
Malware protection Akira April 19, 2024
Mellanox Weird Error April 18, 2024

SANS Security

ISC Stormcast For Friday, April 26th, 2024 https://isc.sans.edu/podcastdetail/8956, (Fri, Apr 26th) April 26, 2024
ISC Stormcast For Thursday, April 25th, 2024 https://isc.sans.edu/podcastdetail/8954, (Thu, Apr 25th) April 25, 2024
Does it matter if iptables isn't running on my honeypot?, (Thu, Apr 25th) April 25, 2024
ISC Stormcast For Wednesday, April 24th, 2024 https://isc.sans.edu/podcastdetail/8952, (Wed, Apr 24th) April 24, 2024
API Rug Pull - The NIST NVD Database and API (Part 4 of 3), (Wed, Apr 24th) April 24, 2024

AWS

Meta Llama 3 models are now available in Amazon Bedrock April 23, 2024
Guardrails for Amazon Bedrock now available with new safety filters and privacy controls April 23, 2024
Agents for Amazon Bedrock: Introducing a simplified creation and configuration experience April 23, 2024
Amazon Bedrock model evaluation is now generally available April 23, 2024
Import custom models in Amazon Bedrock (preview) April 23, 2024

Microsoft

Leading in the era of AI: How Microsoft’s platform differentiation and Copilot empowerment are driving AI Transformation April 24, 2024
Manufacturing for tomorrow: Microsoft announces new industrial AI innovations from the cloud to the factory floor April 17, 2024
Microsoft and G42 partner to accelerate AI innovation in UAE and beyond April 16, 2024
Announcing new Microsoft AI Hub in London April 8, 2024
Advancing science: Microsoft and Quantinuum demonstrate the most reliable logical qubits on record with an error rate 800x better than physical qubits April 3, 2024

Iron Castle Systems

Tag Cloud

AWS
Microsoft
Powershell
SANS
Security
Virtualization
VMware

Recent Posts

Does it matter if iptables isn't running on my honeypot?, (Thu, Apr 25th) April 24, 2024
API Rug Pull – The NIST NVD Database and API (Part 4 of 3), (Wed, Apr 24th) April 23, 2024
Struts "devmode": Still a problem ten years later?, (Tue, Apr 23rd) April 23, 2024
Guardrails for Amazon Bedrock now available with new safety filters and privacy controls April 23, 2024
Agents for Amazon Bedrock: Introducing a simplified creation and configuration experience April 23, 2024

Archives

Iron Castle System info@ironcastle.net Proudly powered by WordPress Theme - twentyfourteen

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage {vendor_count} vendors Read more about these purposes

View preferences

{title} {title} {title}