protective dns Archives | DNS Security & Threat Intelligence Blog | Shreshta

What is a DNS Firewall?

Swapneel Patnekar — Tue, 06 Feb 2024 17:03:54 +0000

A DNS firewall also known as Protective DNS is an enterprise network security solution. It filters and manages DNS queries and responses. It protects organizations from cyber threats. These threats include phishing, malware, cryptojacking, domain generation algorithms(DGA), command and control (C2) domain names. It determines which domain names users can access based on set rules […]

The post What is a DNS Firewall? appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Having Teen Patti fun? Beware of malware apps!

Swapneel Patnekar — Sat, 03 Feb 2024 08:55:01 +0000

Having Teen Patti fun? Beware of malware apps! Shreshta Threat Intelligence team have detected many websites providing Teen Patti game downloads infected with malware. About Teen Patti Teen Patti is a gambling card game. Teen Patti originated in India and is popular throughout South Asia. It evolved from the English game of three-card brag, with […]

The post Having Teen Patti fun? Beware of malware apps! appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Recently registered domains – Free Download Daily Domains List‎

Shreshta Threat Research — Thu, 01 Feb 2024 07:27:46 +0000

The appeal of recently registered domain names for Cybercriminals Recently registered domains or Newly registered domain names(NRD) are attractive to cybercriminals for several reasons. First, they are relatively cheap and easy to obtain, making them an ideal choice for those looking to carry out malicious activities. Second, because they are new, they have no reputation. Additionally, these […]

The post Recently registered domains – Free Download Daily Domains List‎ appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

National Crime Records Bureau – Your browser has been locked

Swapneel Patnekar — Fri, 12 Jan 2024 07:43:19 +0000

Executive Summary Threat actors use every method to achieve their motives. The motives vary from financial, espionage, destruction, etc. The Police Trojan website is a classic example of a website impersonating the National Crime Records Bureau with a fake message “Your browser has been locked” and using scareware techniques to make users pay for accessing […]

The post National Crime Records Bureau – Your browser has been locked appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Phishing scam aimed at Flipper Zero India enthusiasts

Swapneel Patnekar — Thu, 04 Jan 2024 13:17:07 +0000

Executive Summary Shreshta threat intelligence team has uncovered a phishing scam aimed at Flipper Zero India enthusiasts interested in buying a Flipper Zero. The phishing websites lure users with fake flipper zero discount code offers. Do you believe threat actors limit their focus solely to non-technical users? Think again! Infosec community and enthusiasts are also […]

The post Phishing scam aimed at Flipper Zero India enthusiasts appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

The rise of phishing attacks targeting Adobe users in India

Swapneel Patnekar and Pranay Patil — Tue, 26 Dec 2023 07:38:49 +0000

Executive Summary Shreshta Threat Intelligence has uncovered a rise in phishing attacks targeting Adobe users in India. The attack begins by sending emails to employees working at Micro Small and Medium Enterprises(MSME), large enterprises, and luring them to click on a link which impersonates a Purchase Order or a Work Order document. The attack uses […]

The post The rise of phishing attacks targeting Adobe users in India appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Phishing targeting Microsoft Outlook users

Pranay Patil — Fri, 27 Jan 2023 17:33:01 +0000

Security researchers at Shreshta IT, using our threat intelligence platform SDINET, have identified a phishing website targeting users of Microsoft Outlook. About Microsoft Outlook Outlook.com is a webmail service that is part of the Microsoft 365 product family. It offers mail, calendaring, contacts, and tasks services.1 Phishing page impersonating Outlook login – www[.]newoutlook[.]email Phishing page […]

The post Phishing targeting Microsoft Outlook users appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

LK domain name abused by threat actors

Swapneel Patnekar — Tue, 29 Nov 2022 07:09:04 +0000

Before we deep dive into how attackers target .lk domains using domain shadowing attack, first, a primer on registration of a domain name under .lk namespace. tl;dr registration of a domain name under .lk namespace is regulated The domain registration policy says the LK registry may ask for documents supporting the request for a domain […]

The post LK domain name abused by threat actors appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Phishing Campaign – Adidas and Nike

Swapneel Patnekar — Fri, 23 Sep 2022 11:31:14 +0000

Shreshta threat intelligence team has detected a phishing campaign wherein the threat actors have registered domain names impersonating brands such as Adidas and Nike. Adidas AG is a German multinational corporation, founded and headquartered in Herzogenaurach, Bavaria, that designs and manufactures shoes, clothing and accessories. It is the largest sportswear manufacturer in Europe, and the […]

The post Phishing Campaign – Adidas and Nike appeared first on DNS Security & Threat Intelligence Blog | Shreshta.