Tag: Roman Ranskyi

Threat Hunting Rules: Possible C2 Connection via DoH

It’s been a year since the first malware timidly exploited DNS-over-HTTPS (DoH) to retrieve the IPs for the command-and-control infrastructure. Security researchers had already warned that this could be a serious problem and started to look for a solution that would help detect such malicious traffic. More and more malware has been switching to DoH […]