What tracking an attacker email infrastructure tells us about persistent cybercriminal operations

Found 78 days ago at Microsoft Press

By tracing these campaigns, we uncovered a sprawling infrastructure that is robust enough to seem legitimate to many mail providers, while flexible enough to allow the dynamic generation of new domain names and remain evasive. Shared IP space, domain generation algorithm (DGA) patterns, subdomains, registration metadata, and signals from the headers of malicious emails enabled us to validate our...
