Fighting Point-of-Sale (POS) Malware by Using DNS

If you haven’t heard of a DNS firewall but are familiar with a conventional firewall, you may want to first check out this blog to learn that, even though a firewall is an important tool in the security arsenal, it is usually not enough to control malware infections and prevent data breaches.

Infoblox DNS Firewall helps organizations more effectively fight modern-day threats, including POS malware that favors DNS as the protocol over which to steal data. Infoblox DNS Firewall uses a threat intelligence feed, which automatically updates the DNS Firewall policy with observed and verified malicious Internet destinations. DNS Firewall takes action on endpoints attempting to connect to those known malicious destinations.

In addition, Infoblox Threat Insight, an optional feature set available for Infoblox appliances, uses streaming analytics to detect even the most sophisticated methods that embed data directly in DNS queries. These streaming analytics, unique to Infoblox, can automatically add malicious domains to the DNS Firewall block policy, thereby disrupting endpoint communications with domains associated with data exfiltration.

Check out Infoblox’s Cyber Threat Advisory on the latest Multigrain POS malware in the downloadable document below.

Every organization has sensitive data and cannot easily pinpoint malicious insiders, which can put the organization at risk of a data breach. The latest Verizon 2016 Data Breach Investigations Report revealed, “Insider incidents are the hardest (and take the longest) to detect. Of all the incidents, these insider misuse cases are the most likely to take months or years to discover…. What motivates them? Most frequently it is the potential for financial gain.”

As such, it would be in your best interest to test out the Infoblox DNS Firewall and Infoblox Threat Insight solutions to verify:

1) Whether any malware C&C communications are taking place using your recursive DNS, and

2) Whether data is leaking out of your network over DNS queries unbeknownst to you.

You owe this much to your employees, customers and partners.
