Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand National Cyber Security Centre (NCSC-NZ), released a joint Fast Flux Cybersecurity Advisory (CSA) to warn organizations, internet service providers (ISPs), and cybersecurity service providers  of the ongoing threat of fast flux enabled malicious activities and the gap that many networks have in defending against them. This CSA encourages ISPs and service providers, especially Protective Domain Name System (PDNS) providers, to help mitigate this threat by taking proactive steps to develop accurate and reliable fast flux detection analytics and block fast flux activities for their customers. The CSA also provides guidance on detecting and mitigating fast flux by adopting a multi-layered approach that combines DNS analysis, network monitoring, and threat intelligence to protect networks against fast flux operations. Government and critical infrastructure organizations should close this ongoing gap in many networks’ defenses by using cybersecurity and PDNS services that block malicious fast flux activity.

See Original Post