CISA warns of Fast Flux DNS evasion
Good luck with this one. The only way I can see you can defend against it is to have a firewall with an active security domain feed, backed up with a secure DNS system also vetting for said domains along with Suricata signatures looking for suspect communications in your network.
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.
It involves rapidly changing DNS records (IP addresses and/or name servers), making it hard for defenders to trace the source of malicious activity and block it.
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the “Fast Flux” cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.
Bill Toulas
This is definitely a task for an AI, because there is no way a bio could keep up
#enoughsaid