Tag: dns-malicious-domain
All the articles with the tag "dns-malicious-domain".
-
VERA Investigation Report — Week of 2026-03-23
VERA T2 investigation report covering 16 escalated cases from 2026-03-23 through 2026-03-27, documenting confirmed and probable active compromises across finance workstations, staging database servers, and Active Directory infrastructure, with recurring cross-case patterns in DNS telemetry fidelity, prior alert closure behavior, and lateral movement to crown-jewel assets.
-
TORA Week in Review — Mar 23–27, 2026
A week dominated by active C2 and ransomware infrastructure contacts across production and staging environments, with a persistent cluster of suppressed phishing noise and one unresolved asset-context gap that recurred across multiple days.