Anatomy of a Cyber Attack: DNSpionage

  • Date 05 Jun 2019

Anatomy of a Cyber Attack: DNSpionage

05 Jun 2019, 11:20 - 11:45

Tech Talks

Threat actors continuously search for new techniques to compromise their victims. Recently, Cisco Talos identified a new malicious campaign named “DNSpionage”. This attack comprises three components: information stealing malware, tampering with organisations’ DNS records, and using the compromised DNS to register valid TLS certificates. Together these components allow the threat actor to perform man-in-the-middle attacks and to harvest further credentials.

In addition to presenting what this attack reveals about the capabilities and aspirations of threat actors, Martin will review how organisations can protect themselves against similar attacks in the future.

Learning Outcomes:

  1. Learn about a highly strategic cyber attack
  2. Learn how to protect against information stealing malware
  3. Learn how TLS certificates were compromised from the DNS
  4. Learn how to prevent man-in-the-middle type attacks
  5. Learn what DNSpionage reveals about the new capabilities and aspirations of threat actors



  • Martin Lee


    Head of Cisco Talos Outreach, EMEA


    As Technical Lead within Cisco’s Talos Security Intelligence and Research Group, Martin Lee researches the latest developments in cybersecurity and...

Business Issues covered

  1. What will this session help you to do?
    • Mitigate the effects of new vulnerabilities and exploits‎
    • Understand internal and external threats and keep a business secure‎




We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.