Free DNSBL Service Launched by NetFend for Community

🚀 Launching Free DNSBL Service for the Community We're excited to announce that our DNS-based Blacklist (DNSBL) is now publicly available and completely free to use! What we're offering: ✓ Real-time threat intelligence database ✓ Check IPs, domains, and URLs against our blocklist ✓ Easy DNS-based integration (dnsbl.emailsbit.com) ✓ Constantly updated with the latest threats Whether you're running email servers, web applications, or building security tools, you can now tap into our threat database at no cost. Why we built this: Security shouldn't be a luxury. By making our DNSBL publicly available, we want to help protect more businesses and developers from spam, phishing, and malicious traffic. Getting started is simple: 🔗 Visit: https://lnkd.in/e_vFKbtZ 📖 Full integration guide and API docs available No signup required. No credit card. Just protection. Powered by NetFend – Advanced threat defense for email and web infrastructure

🚀 Launching Free DNSBL Service for the Community We're excited to announce that our DNS-based Blacklist (DNSBL) is now publicly available and completely free to use! What we're offering:  ✓ Real-time threat intelligence database  ✓ Check IPs, domains, and URLs against our blocklist  ✓ Easy DNS-based integration (dnsbl.emailsbit.com)  ✓ Constantly updated with the latest threats Whether you're running email servers, web applications, or building security tools, you can now tap into our threat database at no cost. Why we built this: Security shouldn't be a luxury. By making our DNSBL publicly available, we want to help protect more businesses and developers from spam, phishing, and malicious traffic. Getting started is simple: 🔗 Visit: https://lnkd.in/e_vFKbtZ  📖 Full integration guide and API docs available No signup required. No credit card. Just protection. Powered by NetFend – Advanced threat defense for email and web infrastructure

Analysis of the attack chain reveals that the initial vector often involves weaponized Microsoft Office documents exploiting CVE-2023-23397 to bypass Outlook’s security model. https://lnkd.in/g6FyFHCM

💥 New Blog Alert 💥 Shifting AiTM Techniques In this piece, we’ll detail how AiTM techniques are advancing, including: 💢 Why attackers are increasingly using SVG redirect lures to evade detection. 💢 How trusted platforms such as Microsoft Visio and Cloudflare Workers are being abused to deliver malicious links. 💢 Why dynamic, fingerprinting-resistant phishing kits are getting harder to track. 💢 How proactive measures like ASN blocking and phishing-resistant MFA can help to reduce exposure. 💢 How poorly implemented kits and infrastructure leaks (e.g. misconfigured domains, static artefacts, exposed hosting providers) create detection opportunities despite growing sophistication. Link in the comments below ⬇️

I was looking at a Cisco article about writing proxy.pac files and noticed a common mistake in their examples: using shExpMatch(url, "...") with wide patterns like *...*. https://lnkd.in/ei_VQCFA The problem: they check the full URL, not just the host. That means if the text .example.com appears anywhere in the URL — even in a search query on another site — the request may go DIRECT and skip the proxy. If your firewall allows direct outbound connections (don't do this!), this can reduce security. Attackers can abuse this by creating links such as evilwebsite.tld/?matchedpattern Another issue: adding * in the patterns (*.example.com*), especially on the right side of the string. This makes the match too broad and creates wrong results. Important to remember: proxy.pac or wpad.dat are only for routing web traffic. They are not a security tool. Always test the rules carefully and keep the patterns as simple and exact as possible. I use findproxyforurl.net for interactive and comprehensive checks. #proxypac #proxy #wpad #wpaddat #swg #zscaler #netskope #paloalto #swg #skyhigh

Is your company's most critical blind spot hiding in plain sight? While most security teams focus on firewalls and web traffic, attackers are increasingly using the internet's phonebook—the Domain Name System (DNS)—as a secret backdoor for malware delivery, data theft, and command and control. In this episode of The Defenders Log, host David Redekop sits down with cybersecurity educator Josh Kuo from Infoblox to uncover the shocking ways DNS is weaponized. Josh shares jaw-dropping stories from the field, explaining complex threats in a way that anyone can understand. Learn how a simple DNS query can be used to exfiltrate your most sensitive data and how Protective DNS is becoming an essential layer of defense for modern organizations. Whether you're a CISO, a network admin, or just passionate about security, this is a conversation you can't afford to miss. Learn More About Our Guest: Josh Kuo is a leading cybersecurity educator at Infoblox, specializing in DNS security and threat intelligence. Infoblox is a leader in managing and securing DNS, DHCP, and IP address management (DDI) for enterprise networks. Find out more at https://www.infoblox.com https://lnkd.in/dPCZbrCz #CyberSecurity #DNS #PrivacyMatters #DNSFirewall #InternetSecurity #SecureDNS #TechPodcast #CyberDefense #ZeroTrust #ThreatIntelligence #NetworkSecurity #DefendersLog #CyberThreats #DNSInnovation #InternetPrivacy #OpenInternet #Anycast #DigitalDefense #LawAndTech #Infosec #Adamnetworks

🚨 Breaking News: Microsoft Defender Bug Causes False BIOS Alerts 🚨 Microsoft has acknowledged a bug in Defender for Endpoint (ref. ID DZ1163521) that’s incorrectly flagging Dell device BIOS as outdated — even when firmware is already current. For security teams, this means: ⚠️ Endless false alerts ⚠️ Distracted analysts chasing non-issues ⚠️ Increased risk of missing real threats in the noise This type of alert fatigue isn’t just frustrating — it’s dangerous. Attackers thrive when defenders are overwhelmed by false positives. At CyberSecurity24x7.com , we help organizations cut through the noise with: Endpoint Penetration Testing to validate controls Alert Tuning & Threat Hunting to minimize false positives Dark Web & Breach Monitoring to detect real risks early 👉 Don’t let buggy tools blindside your defenses. Strengthen your endpoint security posture today with CyberSecurity24x7. 📖 Original source:

𝗙𝗿𝗼𝗺 𝗖𝗵𝗮𝗼𝘀 𝘁𝗼 𝗖𝗼𝗻𝘁𝗿𝗼𝗹: 𝗛𝗼𝘄 𝗟𝗶𝗺𝗶𝘁𝗶𝘀 𝗕𝗲𝗮𝘁 𝘁𝗵𝗲 𝗗𝗗𝗼𝗦 𝗦𝘁𝗼𝗿𝗺 What happens when a group of teenagers with dark web tools decides to “test” your infrastructure? For Italian IT provider Limitis, it meant flooded bandwidth, crashed platforms and a wake-up call no one asked for. Quick fixes failed. That’s when they turned to StormWall. 💪 Together, we built a custom DDoS defense: Early threat detection Zero-impact filtering 24/7 expert support Despite 200+ servers and thousands of clients, full deployment took just two months. ✅ The result: Zero DDoS-related outages since. Now, uptime isn’t just stability — it’s a competitive edge. 👉 Read the full story: https://lnkd.in/e-myvrxF Want to protect your infrastructure with the same reliability? Contact our product specialist today — and let’s build your defense before the next attack hits. Sachira Fernando | sachira@connexit.biz | +971 54 787 6800 #CyberSecurity #DDoSProtection #NetworkSecurity #ITInfrastructure #CloudSecurity #StormWall #Limitis #DDoSDefense #CyberResilience #ZeroDowntime

A recent CISA alert highlights a widespread supply chain compromise impacting the npm ecosystem, a critical component for many SMBs relying on open-source JavaScript packages. ([cisa.gov](https://lnkd.in/gmjKBPSD)) This incident underscores the importance of monitoring and securing your software supply chain to prevent potential vulnerabilities from affecting your operations. To mitigate such risks, implement automated tools that continuously scan your software dependencies for known vulnerabilities and unauthorized changes. Read the full report here: ([cisa.gov](https://lnkd.in/gmjKBPSD)) How does your organization ensure the integrity of its software supply chain? #CybersecurityTip #BusinessSecurity #TechLeadership

5️⃣ common gaps in #CloudSecurity—and only one solution. ☁️ 🔐 Fragmented tools leave blind spots in visibility, misconfiguration detection, runtime protection, and application security. Discover how #FortiCNAPP closes these gaps with a single platform that secures cloud-native applications from code to runtime: https://ftnt.net/6045AbemZ 🛡️