Overview
Explore the world of DNS attacks in this informative conference talk from OWASP Global AppSec Tel Aviv. Delve into the toolsets and techniques used by notorious cybercriminal groups like OceanLotus, DNSpionage, and OilRig. Examine a decade of DNS-related attacks, uncovering the latest discovered techniques to improve detection and defense strategies. Learn about simplified examples of DNS attacks, different types of DNS attacks, and notable cases including the Chilean incident. Gain insights into recent DNS attacks from the past three years, understanding projects like Siren, Nest Analyst, and Dart Hydro. Investigate the motivations and methods of various threat actors, including financially-driven groups like Fin7 and Fin8, as well as state-sponsored entities such as APT32 Ocean Lotus. Discover common techniques like DNS tunneling and receive general recommendations for protecting against these threats. Conclude with a Q&A session to address any remaining questions about this critical aspect of cybersecurity.
Syllabus
Introduzione
Presentation
Research
What is DNS
Simplified Examples of DNS Attacks
Two types of DNS Attacks
The Chilean case
DNS attacks
Last 3 years
What is a Rig
Project Siren
Nest Analyst
Nest Chart
Dart Hydro
Iran
Fin 7 Financial Motivation
Fin 8 Data Mining
APT 32 Ocean Lotus
DNS Espionage
Sea Turtle
Common Things
DNS Tunneling
Common Techniques
General Recommendations
Questions
Taught by
OWASP Foundation