here's a PSA: If you use #terraform and you are thinking of using #Infoblox - don't. Their terraform provider is pretty terrible, the documentation is worse, and they are extremely unhelpful to even paying customers.

Infoblox scopre Decoy Dog, una minaccia informatica che funziona segretamente da un anno

Gli #esperti di #Infoblox hanno scoperto un nuovo set di #malware chiamato “Decoy Dog”. #DecoyDog aiuta gli aggressori a eludere i metodi di rilevamento #standard attraverso l’”invecchiamento del dominio” strategico e la clonazione delle query DNS e per creare una buona reputazione con i fornitori di sicurezza.

I #ricercatori di #Infoblox hanno scoperto tale #malware all’inizio di questo mese analizzando oltre 70 miliardi di record #DNS alla #ricerca di segni di attività sospette.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/infoblox-scopre-decoy-dog-una-minaccia-informatica-che-funziona-segretamente-da-un-anno/

The list of top #domains by DNSFilter (https://github.com/DNSFilter/topdomains) is a great data source to generate sample data in Infoblox's #B1TD CSP (https://csp.infoblox.com/)
#Infoblox #DNS #DHCP #IPAM #DDI #demo #lab

Infoblox has released a new threat intel quarterly report with new material on registrar reputation, name server reputation, and two reprints of our European papers. For the registrars and name servers, instead of the usual 'here are some bad ones', the team looked at infrastructure that was consistently high risk over six months and then provided a short dive into the top ones. This extra content gives a better sense of what is really happening in these high risk or abuse systems... and the variation is interesting (to me at least). There is a sign wall, but it is worth the read. #infoblox #dnssec #dns #threatintel #phishing #malware #datascience #infosec https://info.infoblox.com/resources-whitepapers-infoblox-q4-2022-cyberthreat-intelligence-report

Hands down the most frequent question is get is "what is your false positive rate?". Absolutely the wrong question to ask. Here i try to give everyone an intuition for FP in machine learning, but also posit that, when intel is done right, they often don't matter. #dns #infoblox #threatintel #infosec #datascience #machinelearning https://blogs.infoblox.com/cyber-threat-intelligence/false-positives-are-overrated/

It's amazing how up on the news bad actors are... we've released a bunch of iindicators associated with the disaster in Türkiye and Syria and a short blog describing some of the activity. #infoblox #threatintel #dns #phishing #turkiye #turkey #syria #earthquake https://blogs.infoblox.com/cyber-threat-intelligence/scammers-first-on-the-scene-for-turkiyes-disaster-of-the-century/

So far we have only deployed #IPv6 in dual-stack mode. I really want to push for IPv6-only now, but I'm not sure if we have all the necessary pieces in place. We can set up #DNS64 on our #Infoblox cluster, but I'm not sure if any of our Cisco routers are actually capable of doing #NAT64.
#CiscoLiveEMEA

If you are in the #Raleigh #NorthCarolina area, and you use or are interested in #Infoblox, I will be presenting at the next Raleigh Area Infoblox User Group Meeting, which will be happening on Jan 26. Let's talk about #DNS and #Ansible!
(#IPAM, #Automation #ITInfrastructure #Cloud #CloudAutomation)
https://info.infoblox.com/ams-fev-q2fy23-secnet-raleighusergroup-20230126_register.html

Working on a company-wide #PowerShell Module for CRUD-Operations with #Infoblox IPAM API. The most important finding is an API documentation with good examples. Infoblox has a community on https://community.infoblox.com and I found a PDF with good examples on https://www.infoblox.com/wp-content/uploads/infoblox-deployment-infoblox-rest-api.pdf - now I'm a Happy-Infoblox-Scripter 😀

I thought this article on the return of Glupteba trojan malware was pretty good. Of particular interest to me was their statement that "Glupteba is a backdoor trojan that is downloaded via Pay-Per-Install networks – online ad campaigns that prompt software or application downloads – in infected installers or software cracks.". It turns out that the malicious ad network they refer to (at least one) is the actor Vextrio that we published in August. Vextrio compromises WordPress sites and we have seen it deliver various malware and scams. I love when independent approaches, Nozomi using blockchain and us using DNS, come together. #dns #phishing #malware #threatintel #infoblox #trojan #adware #malvertising https://www.nozominetworks.com/blog/tracking-malicious-glupteba-activity-through-the-blockchain/ https://blogs.infoblox.com/cyber-threat-intelligence/cyber-threat-advisory/vextrio-ddga-domains-spread-adware-spyware-and-scam-web-forms/

I thought this article on the return of Glupteba trojan malware was pretty good. Of particular interest to me was their statement that "Glupteba is a backdoor trojan that is downloaded via Pay-Per-Install networks – online ad campaigns that prompt software or application downloads – in infected installers or software cracks.". It turns out that the malicious ad network they refer to (at least one) is the actor Vextrio that we published in August. Vextrio compromises WordPress sites and we have seen it deliver various malware and scams. I love when independent approaches, Nozomi using blockchain and us using DNS, come together. #dns #phishing #malware #threatintel #infoblox #trojan #adware #malvertising https://www.nozominetworks.com/blog/tracking-malicious-glupteba-activity-through-the-blockchain/ https://blogs.infoblox.com/cyber-threat-intelligence/cyber-threat-advisory/vextrio-ddga-domains-spread-adware-spyware-and-scam-web-forms/

So what do we have on the list for today ... #infoblox #python fun is the first one. Troubleshooting of #mpls routing issues is 2nd. Pretty sure the whole bunch of new items will pop up after 10am meeting. #GoodMorningMastodon !