DNS spoofing, or DNS cache poisoning, is a cyber attack where false Domain Name System (DNS) information is introduced into a DNS resolver's cache. This causes DNS queries to return an incorrect response, which commonly redirects users from a legitimate website to a malicious website designed to steal sensitive information or install malware.

The most critical element in combating malicious attempts on technology today is visibility. When considering the sheer amount of various cloud, firewall, IDS/IPS, anti-virus, etc. offerings, integrations are a necessity to enable effective security.

Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) along with the United Kingdom’s National Cyber Security Centre (NCSC) published a joint alert in which they revealed that they had witnessed APT actors targeting local governments, academia and pharmaceutical companies.

For most practical uses today, a combination of hardening and vulnerability detection is required to secure even the most basic digital environment. In each area it is important to see the progress you’re making in these competencies so that you can improve and build on the work you and your team have done over time. But with so many assets in your digital environment, how do you score the effectiveness of these security measures?

Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they were a consistently high performer at every stage?

Monitoring all DNS requests in your network, including those that were blocked by (e.g., by a firewall) is a great way to increase visibility, enforce compliance and detect threats. A common problem with collecting DNS logs is that DNS server logs are notoriously hard to parse. Also, parsing only the logs of your DNS servers leaves a blind spot when it comes to usage of, or the attempt to use, an external DNS server like Google's 8.8.8.8.

In part one of this two-part blog series, we discussed seven reasons security configurations are an important part of an organization’s security posture. In this part, we’ll look at eight security configurations that can help with ensuring comprehensive control over the endpoints, avoiding vulnerabilities, deploying security configurations, and automating a number of verticals of endpoint security.

The Report Sheds Light on Data Loss Prevention Challenges and Identifies the Use Cases for Integrated DLP vs. Enterprise DLP Solutions. A recent report published by Gartner titled “How to Choose Between Enterprise DLP and Integrated DLP Approaches” (Gartner subscription required) found that “the data loss prevention market includes products with DLP capabilities integrated in security products or SaaS applications, as well as cohesive enterprise DLP suites.