Security News

Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities
2021-11-17 07:13

A malicious campaign has been found leveraging a technique called domain fronting to hide command-and-control traffic by leveraging a legitimate domain owned by the Myanmar government to route communications to an attacker-controlled server with the goal of evading detection. The threat, which was observed in September 2021, deployed Cobalt Strike payloads as a stepping stone for launching further attacks, with the adversary using a domain associated with the Myanmar Digital News network, a state-owned digital newspaper, as a front for their Beacons.

Wickr gets slicker with fresh network tricker: Privacy-protecting domain fronting alternative emerges
2018-08-23 22:56

Secure messaging maker courts biz comms gigs with Psiphon's help Encrypted comms service Wickr has hooked up with Psiphon, a maker of censorship circumvention tools, to provide an alternative to...

Google and Amazon put an end to censorship-dodging domain fronting
2018-05-03 14:36

Privacy services relying on the unsupported feature have been left high and dry

Amazon to kill off censorship-foiling domain fronting option
2018-05-02 18:52

Secure messaging services and other privacy-oriented tools that rely on domain fronting to foil censorship efforts by various countries have been dealt a severe blow in the last month. First...

As Google and AWS kill domain fronting, users must find a new way to fight censorship
2018-05-02 12:16

The messaging app Signal used a technique called domain fronting to misdirect censors in certain regions.

APT29 Used Domain Fronting, Tor to Execute Backdoor (Threatpost)
2017-03-27 20:14

APT29, a/k/a Cozy Bear, has used Tor and a technique called domain fronting in order to secure backdoor access to targets for nearly two years running.

APT29 Cyberspies Use Domain Fronting to Evade Detection (SecurityWeek)
2017-03-27 15:18