As the invasion of Ukraine has put enterprises around the world on high alert for cyberattacks, Infoblox, a firm that provides DNS administration and protection, is publishing its top threat intelligence on GitHub to share its most relevant research with the larger security community.
Infoblox’s threat researchers have already reported on three distinct efforts that used the Ukraine situation to spread malware (Agent Tesla and Remcos) and financially swindle well-intentioned individuals. Because of the fast-paced nature of cyber operations, the corporation decided to offer threat information in the form of machine-readable files, making it easier for defenders to integrate threat data into their systems.
Infoblox’s GitHub repository now has over 800 indicators, including fraudulent and suspicious domains, as well as legitimate domains that may be blacklisted by other vendors via automated analytics. Infoblox users may access detailed information in the Threat Indicator Data Exchange (TIDE) database.
BloxOne Threat Defense
Infoblox will continue to publish higher-level attack campaign analyses on the Infoblox community site and submit high-priority threat intelligence indicators relating to key world events to the GitHub community. These initiatives would give security defenders greater resources when they are confronted with high-risk situations, which occur often during crises.
Customers of BloxOne Threat Defense may improve their protection by using the most recent threat indicators for Ukraine, which the team has already added to the product feeds. BloxOne Threat Defense would simplify protection against various risks by automating the implementation of these indicators. Clients may also use BloxOne Threat Defense to restrict traffic from certain eastern European nations, such as Russia, rather than the whole area, and to monitor sanctions lists to ensure compliance with trade rules and regulations.
For non-Infoblox clients, the business is offering a free limited-time trial of BloxOne Threat Defense Advanced, the industry’s most trusted DNS security solution, to guard against cyber threats such as current malware, data exfiltration, domain generation algorithms, and more (non-Infoblox clients may register here).
“We’re committed to doing what we can to protect organizations from cyberattacks,” said Craig Sanderson, Vice President of Product Management at Infoblox. “The escalating risks require that we collectively help critical infrastructure, supply chain vendors, and other potential targets defend themselves. This is also why we are bringing product enhancements, like more granular threat feeds, and free access to BloxOne Threat Defense to bolster customers’ cyber arsenals.”