One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks
Summary
A new study from cybersecurity firm Palo Alto Networks has identified 4,000 phishing domains used in a large-scale phishing campaign, one of the largest ever found, that targeted customers of national and private postal and delivery services across the world.
The threat group behind the campaign rotated through the domains every few days, with some appearing and disappearing within just 24 hours, making them hard for traditional detection methods to spot.
In one example, the group used a well-known postal service in Spain while targeting customers in another country. In another, they targeted customers of the US Postal Service and other postal services in Panama and Paraguay using the same IP address.
This demonstrates that monitoring and detection need to look beyond simple patterns and take into account all the contextual information that machines can detect and analyse.
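The shared-IP and short-lifetime context described above can be checked with a plain graph pivot; the following is an added example, not code from the Palo Alto Networks study, and it uses simple connected components rather than a graph neural network. The record layout, brand labels, domain names, IP addresses and function names are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed passive-DNS style rows: domain, IP, first seen, last seen, imitated brand
RECORDS = [
    ("usps-track.example", "203.0.113.10", "2024-01-01T00:00", "2024-01-01T20:00", "USPS"),
    ("correos-pa.example", "203.0.113.10", "2024-01-02T00:00", "2024-01-04T00:00", "Panama post"),
    ("correo-py.example", "203.0.113.10", "2024-01-03T00:00", "2024-01-03T18:00", "Paraguay post"),
    ("correo-py.example", "203.0.113.11", "2024-01-03T18:00", "2024-01-04T06:00", "Paraguay post"),
    ("parcel-es.example", "203.0.113.11", "2024-01-05T00:00", "2024-01-06T00:00", "Spain post"),
    ("blog.example", "198.51.100.7", "2023-01-01T00:00", "2024-01-01T00:00", None),
]

def find(parent, x):
    while parent[x] != x:
        parent[x] = parent[parent[x]]  # path halving keeps lookups shallow
        x = parent[x]
    return x

def clusters(records):
    """Connected components of the bipartite domain <-> IP graph."""
    parent = {}
    for domain, ip, *_ in records:
        for node in (("d", domain), ("ip", ip)):
            parent.setdefault(node, node)
        parent[find(parent, ("d", domain))] = find(parent, ("ip", ip))
    groups = defaultdict(list)
    for rec in records:
        groups[find(parent, ("d", rec[0]))].append(rec)
    return list(groups.values())

def summarize(cluster, short=timedelta(hours=24)):
    """Per-cluster context: members, imitated brands, domains seen <= 24 hours."""
    life = {}
    for domain, _, first, last, _ in cluster:
        start, end = datetime.fromisoformat(first), datetime.fromisoformat(last)
        lo, hi = life.get(domain, (start, end))
        life[domain] = (min(lo, start), max(hi, end))
    return {
        "domains": sorted(life),
        "ips": sorted({r[1] for r in cluster}),
        "brands": sorted({r[4] for r in cluster if r[4]}),
        "short_lived": sorted(d for d, (lo, hi) in life.items() if hi - lo <= short),
    }

def suspicious(records, min_brands=2):
    """Clusters whose shared hosting ties together several imitated brands."""
    out = [summarize(c) for c in clusters(records)]
    return [s for s in out if len(s["brands"]) >= min_brands]
```

On the constructed rows, one domain that moved between two IPs links both hosts into a single cluster, which a per-IP lookup alone would report as two unrelated groups.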