Cisco Talos researchers have taken down an attack aimed at the Securities and Exchange Commission. The use of DNS as a conveyance for later-stage code and two-way communications is also becoming more and more commonplace. “The use of obfuscation as well as the presence of a complex multi-stage infection process indicates that this is a sophisticated and highly motivated threat actor that is continuing to operate,” said Talos in a statement. “The ability to spoof the SEC and then host malware within the government perimeter is deeply worrying.”
Source: https://www.darkreading.com/abtv/cisco-talos-team-tackles-top-tier-txt-threat/a/d-id/737262