[DNSFilter September Newsletter] You updated your iPhone, right?

ways malware actors abuse dns webinar image

Before we begin: Your Apple devices need to be updated

In case you missed the article from Citizen Lab and the patch update from Apple: You need to update your systems to macOS Big Sur 11.6, iOS 14.8, and watchOS 7.6.2. This is obviously critical for corporate offices (DNSFilter exclusively uses Macs, so we get it), but you also need to update your personal devices.

The NSO group is behind this zero-click Apple messenger vulnerability. If you’re a Darknet Diaries fan (like we are), you’re already well aware of NSO. Back in July, we actually started adding known NSO spyware domains to our “Trackers” category.

So if you’re looking for an additional layer of protection, adding this “Trackers” category to your block list can do just that. Learn more about our "Trackers" category here.

block trackers with dnsfilter and increase zero-click seurity

With that out of the way...

C2, CNC, Command & Control—Whatever you call it! What is it?

C2 servers are an important part of malware attacks. We’ll touch on them in our webinar later today, but here we want to go into detail. Also known as CNC, these abbreviations stem from the full name: Command and Control. Taking its name from the military term, NATO defined Command and Control as “the exercise of authority and direction by a properly designated individual over assigned resources in the accomplishment of a common goal.”

In this case, the authorities are threat actors and the common goal is a malicious one.

What are C2 servers? They are the servers contacted by a compromised host (a device with malware on it) and the attack servers. The attack server and compromised device communicate over a C2 channel, and the communication is mostly done over trusted traffic such as DNS. The infected host receives commands from the C2 server. The command might be to deploy the attack, begin data exfiltration, or to sit and wait.

Keep reading about C2 attacks.

Spotlight on: DNSFilter’s Relay

Our Knowledge Base has plenty of helpful articles to help you with the more technical aspects of a deployment.

You might be familiar with our Network or Roaming Client deployment. But there is a third way to deploy DNSFilter that gives you blanket protection possible at the network-level but with the granularity of end device protection: the DNSFilter Relay.

Relying on the Relay also means you can enforce individual device policies via static IPs without installing individual Roaming Clients.

In this deployment, DNS requests are performed by way of the Relay (essentially a proxy) where policy enforcement and reporting is logged. The Relay is available as a virtual machine (this is our recommended option), Docker container, or binary.

Full implementation instructions can be found here.

Are you concerned with finding out what’s the latest with DNSFilter? Check out our Changelog.

dnsfilter newsletter inbox insights
  • There are no suggestions because the search field is empty.
Latest posts
An Interview With DNSFilter’s New CTO, TK Keanini An Interview With DNSFilter’s New CTO, TK Keanini

In exciting news, DNSFilter recently hired TK Keanini to fill the role of Chief Technology Officer (CTO). TK has over 30 years of experience in network security and most recently served as the Vice President of security architecture and CTO of Cisco Secure. In his new role, TK will lead product management, customer experience, engineering, and security intelligence toward ongoing innovation and growth, focusing on customer needs and feedback to d...

The Intersection of 5G, Public Wi-Fi, and Network Security: Who’s at Risk? The Intersection of 5G, Public Wi-Fi, and Network Security: Who’s at Risk?

The transition from 4G to 5G is revolutionizing the way we connect and communicate, promising unprecedented speed, capacity, and low latency. However, this evolution also brings its own set of challenges, particularly concerning network coverage and security.

Revving up the Fun: DNSFilter's IndyCar Experience Recap—Detroit Grand Prix Edition Revving up the Fun: DNSFilter's IndyCar Experience Recap—Detroit Grand Prix Edition

This past weekend, we had the incredible opportunity to host guests at the Detroit Grand Prix. With representatives from Trace3, Guidepoint, Connection, and Judy Security, the event brought together tech experts and channel professionals for an exhilarating experience.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.