Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

manageengine

DNS anomaly detection with machine learning: How ManageEngine DDI Central stops threats before they start

Apr 24, 2026 By Akshra GJ In ManageEngine
Most breaches don't announce themselves; they whisper. A subtly malformed DNS query here. A DHCP lease request that looks almost normal there. A client that suddenly requests a domain no one in your organization has ever heard of. By the time these whispers become alarms on a SIEM dashboard, attackers have often already moved laterally, exfiltrated data, or cemented persistence. In traditional DNS, DHCP, and IPAM (DDI) setups, these signals are buried under millions of legitimate transactions.
Read Post
cloudflare

Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver

Apr 1, 2026 By Rory Malone In Cloudflare
Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data.
Read Post
manageengine

Data-driven forecasting: Plan your network growth and optimize resource usage with DDI Central's DNS and DHCP forecasting

Feb 19, 2026 By adithya.lk@zohocorp.com In ManageEngine
DNS and DHCP services in an organization’s network experience constant fluctuations in query spikes, lease requests, and client connections over time. Network administrators must continuously monitor these patterns to ensure service stability and availability. However, in fast-paced and growing networks, a proactive approach is far more effective than a reactive one. This allows teams to identify and resolve service-related issues before they lead to network disruptions or IP exhaustion.
Read Post
ionix

Dangling DNS in the AI Era: The Silent Attack Surface Expanding Beneath Your Feet

Feb 17, 2026 By Matt MacKinnon In IONIX
Artificial intelligence is accelerating digital transformation at an unprecedented pace. New AI-driven applications, copilots, data pipelines, APIs, and cloud services are spinning up faster than ever before. But while innovation moves at machine speed, governance often lags behind. The result? A rapidly expanding external attack surface filled with forgotten assets, abandoned cloud resources, and misconfigured DNS records — many of them quietly waiting to be hijacked.
Read Post
Forward Networks

Using NQE to Consistently Validate DNS Configuration During Network Changes

Feb 17, 2026 By Forward Networks In Forward Networks
DNS is foundational to almost every application, yet it is often treated as background configuration rather than a critical dependency. During network changes, DNS settings are easy to overlook. A single device pointing to the wrong resolver, missing a required DNS entry, or retaining a legacy configuration can cause application failures that appear unrelated to the original change.
Read Post
bluevoyant

Dangling DNS Is Off the Hook

Feb 2, 2026 By Lorri Janssen-Anessi In BlueVoyant
If your organization uses public cloud services or frequently spins up short‑lived web assets, there’s a good chance you already have at least one "dangling"DNS record. It's surprisingly easy to create one, and even easier to forget it exists. But a single forgotten record can give attackers a ready-made subdomain to host phishing pages, allow them to plant malware, or hijack your brand's reputation–without ever touching your infrastructure.
Read Post
certkit

Delegated DNS validation: proving domain ownership without exposing credentials

Jan 20, 2026 By Todd H. Gardner In CertKit
It seems like every service wants proof you control your domain. Certificate authorities need it to issue certificates. Email platforms need it to authorize sending. Analytics needs it to gather data. Just add this magic TXT record to your DNS, wait for propagation, click verify. It works fine when it’s a one-time setup, but certificate lifetimes are dropping to 47 days, and you won’t be able to keep up on that schedule.
Read Post

Episode 6 - Detecting DNS Covert Channels in the Wild (Part 2)

Jan 15, 2026 By Corelight In Corelight
In Episode 6 of Corelight DefeNDRs, we delve deeper into the fascinating world of DNS covert channels with Vern Paxson, our chief scientist and co-founder. Continuing from our previous discussion, Vern shares his insights on techniques developed to detect these stealthy channels utilized by intruders to evade security measures. We explore the innovative approach of leveraging time series analysis of DNS lookups, how to distinguish benign traffic from potential threats, and the real-world implications of our findings across significant datasets.
View Video
Domains, DNS and Forgotten Risks in Modern Security Stacks

Domains, DNS and Forgotten Risks in Modern Security Stacks

Jan 8, 2026 By SecuritySenses In SecuritySenses
When most cybersecurity teams map their threat landscape, they start with endpoints, users, cloud environments and network layers. It's a solid strategy - but it leaves one critical layer wide open: the domain and hosting infrastructure everything else depends on.
Read Post

Episode 5 - Detecting DNS Covert Channels in the Wild (Part 1)

Jan 1, 2026 By Corelight In Corelight
In Episode 5 of Corelight Defenders, I, Richard Bejtlich, engage with Corelight's co-founder and chief scientist, Vern Paxson, to delve into the intricate world of DNS covert channels. We explore how adversaries exploit DNS lookups to silently communicate within tightly controlled enterprise environments. Vern explains various methods attackers may use, from encoding data in seemingly benign domain names to manipulating the timing of requests. Our discussion highlights the challenges of detecting these covert channels, especially in the presence of network monitoring.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.