A posting from Dark Reading about Malware and three Signs Revealed In DNS Traffic: Companies focus much of their energy on hardening computer systems against threats and stopping attempts to breach their systems’ security, and rightfully so. However, companies should always assume that the attackers have already successfully compromised systems and look for the telltale signs of such a breach.
Because malware is increasingly using a variety of domain techniques to foil takedown efforts and make their command-and-control servers harder to locate, DNS traffic becomes a good indicator of compromise, say security experts. Monitoring the network for strange DNS behavior can help pinpoint infections, says Patrick Foxhoven, chief technology officer of emerging technologies for cloud security firm Zscaler.
To read more click here: