Intel Name: No way to hide: uncovering new campaigns from daily tunneling detection
Date of Scan: October 7, 2024
Impact: Medium
Summary: The article “No Way to Hide: Uncovering New Campaigns from Daily Tunneling Detection” reveals four previously undisclosed DNS tunneling campaigns identified through a new monitoring system. This system detects potentially malicious tunneling domains by analyzing patterns and attributes associated with past campaigns. DNS tunneling allows threat actors to bypass firewalls and covertly exfiltrate data. The research emphasizes the system’s ability to uncover connections between new and existing campaigns, enhancing overall network security. This allows the information to bypass traditional network firewalls and establish covert communication channels for data exfiltration and infiltration.
