Share this
[DNSFilter September Newsletter] You updated your iPhone, right?
by DNSFilter on Sep 15, 2021 12:00:00 AM
Before we begin: Your Apple devices need to be updated
In case you missed the article from Citizen Lab and the patch update from Apple: You need to update your systems to macOS Big Sur 11.6, iOS 14.8, and watchOS 7.6.2. This is obviously critical for corporate offices (DNSFilter exclusively uses Macs, so we get it), but you also need to update your personal devices.
The NSO group is behind this zero-click Apple messenger vulnerability. If you’re a Darknet Diaries fan (like we are), you’re already well aware of NSO. Back in July, we actually started adding known NSO spyware domains to our “Trackers” category.
So if you’re looking for an additional layer of protection, adding this “Trackers” category to your block list can do just that. Learn more about our "Trackers" category here.
With that out of the way...
C2, CNC, Command & Control—Whatever you call it! What is it?
C2 servers are an important part of malware attacks. We’ll touch on them in our webinar later today, but here we want to go into detail. Also known as CNC, these abbreviations stem from the full name: Command and Control. Taking its name from the military term, NATO defined Command and Control as “the exercise of authority and direction by a properly designated individual over assigned resources in the accomplishment of a common goal.”
In this case, the authorities are threat actors and the common goal is a malicious one.
What are C2 servers? They are the servers contacted by a compromised host (a device with malware on it) and the attack servers. The attack server and compromised device communicate over a C2 channel, and the communication is mostly done over trusted traffic such as DNS. The infected host receives commands from the C2 server. The command might be to deploy the attack, begin data exfiltration, or to sit and wait.
Keep reading about C2 attacks.
Spotlight on: DNSFilter’s Relay
Our Knowledge Base has plenty of helpful articles to help you with the more technical aspects of a deployment.
You might be familiar with our Network or Roaming Client deployment. But there is a third way to deploy DNSFilter that gives you blanket protection possible at the network-level but with the granularity of end device protection: the DNSFilter Relay.
Relying on the Relay also means you can enforce individual device policies via static IPs without installing individual Roaming Clients.
In this deployment, DNS requests are performed by way of the Relay (essentially a proxy) where policy enforcement and reporting is logged. The Relay is available as a virtual machine (this is our recommended option), Docker container, or binary.
Full implementation instructions can be found here.
Are you concerned with finding out what’s the latest with DNSFilter? Check out our Changelog.
Share this
Categories
- Featured (258)
- Protective DNS (18)
- IT (13)
- IndyCar (9)
- Cybersecurity Brief (7)
- AI (6)
- Content Filtering (6)
- Deep Dive (6)
- IT Challenges (5)
- Public Wi-Fi (5)
- Roaming Client (4)
- Team (4)
- Compare (3)
- Malware (3)
- Tech (3)
- Anycast (2)
- Events (2)
- Machine Learning (2)
- Phishing (2)
- Ransomware (2)
- Tech Stack (2)
- MSP (1)
- Secure Web Gateway (1)
Automation is no longer optional for companies looking to scale and operate their cyber defenses. It enables organizations to do more with less, eliminating rote and mundane tasks to free up valuable human resources for more strategic initiatives. However, if not used carefully, automation can amplify existing problems, making something bad even worse. So, how can we use automation effectively and safely?
Our final race weekend at the Music City Grand Prix was an adrenaline-pumping experience that perfectly blended speed, technology, and unforgettable moments. It was a weekend full of thrills, camaraderie, and lightning-fast Wi-Fi in Nashville. Here’s a rundown of the highlights:
As education relies more heavily on technology, the importance of ensuring the safety and media literacy of students continues to grow. Educational environments must navigate a complex landscape of online content, balancing the need for open access to information with the necessity of protecting students from harmful, inappropriate, or inaccurate material. Digital safety encompasses protecting students from online threats such as cyberbullying, m...