Latest news with #Infoblox
Scoop
5 days ago
- Business
- Scoop
Infoblox Recognised As A Great Place To Work In Australia
Press Release – Infoblox Infoblox recognised as a great place to work, where employees are treated fairly regardless of gender or sexual orientation by Great Place to Work. Infoblox, a leader in cloud networking and security services, today announced it has been recognised as a Great Place To Work in Australia. This is the first year Infoblox has been included in the under 30 employee 'micro' category in the Information Technology industry. Developed by global workplace culture consultancy, Great Place To Work, the prestigious award is based entirely on what current employees say about their experience working at Infoblox. Infoblox stood out for its job satisfaction, with 88 per cent of employees recommending it as a great place to work, compared to 60 per cent of employees at a typical company in Australia. The company was also recognised for its safety in the workplace, with 100 per cent of respondents saying it is a physically safe place to work, where people are treated fairly regardless of their gender or sexual orientation. Notably, Infoblox employees highlighted that the organisation has great coordination from management and makes new employees feel welcome. 'At Infoblox, our people come first. We pride ourselves on being an equal opportunities employer, and we're especially proud to have received such positive feedback regarding workplace safety,' says Scott Morris, Managing Director at Infoblox for Australia and New Zealand. 'Our purpose is to help customers protect their critical networks and advocate for DDI security. But this is only possible through the incredible talent of our employees and creating a supportive environment where everybody is equal.' The recognition comes following the opening of Infoblox's new Australian headquarters in Sydney. The new offices include a customer and partner training and collaboration suite, and are located in the heart of the fast-growing North Sydney tech hub. Vice President of Global Recognition at Great Place To Work, Sarah Lewis-Kulin, highlighted that the influence of leadership within organisations is more critical than ever in 2025. 'Great Place To Work Certification is a highly coveted achievement that requires consistent and intentional dedication to the overall employee experience,' says Sarah Lewis-Kulin. She emphasises that the certification is the sole official recognition earned by the real-time feedback of employees regarding their company culture. 'By successfully earning this recognition, it is evident that Infoblox stands out as one of the top companies to work for, providing a great workplace environment for its employees.' The recognition follows Infoblox's recent success sponsoring the Women in Cyber summit which took place in Canberra earlier this year. Infoblox unites networking, security and cloud to form a platform for operations that's as resilient as it is agile. Trusted by 13,000+ customers, including 92 of the Fortune 100, we seamlessly integrate, secure and automate critical network services so businesses can move fast without compromise. Visit or follow us on LinkedIn , or X.
Scoop
5 days ago
- Business
- Scoop
Infoblox Recognised As A Great Place To Work In Australia
Infoblox, a leader in cloud networking and security services, today announced it has been recognised as a Great Place To Work in Australia. This is the first year Infoblox has been included in the under 30 employee 'micro' category in the Information Technology industry. Developed by global workplace culture consultancy, Great Place To Work, the prestigious award is based entirely on what current employees say about their experience working at Infoblox. Infoblox stood out for its job satisfaction, with 88 per cent of employees recommending it as a great place to work, compared to 60 per cent of employees at a typical company in Australia. The company was also recognised for its safety in the workplace, with 100 per cent of respondents saying it is a physically safe place to work, where people are treated fairly regardless of their gender or sexual orientation. Notably, Infoblox employees highlighted that the organisation has great coordination from management and makes new employees feel welcome. 'At Infoblox, our people come first. We pride ourselves on being an equal opportunities employer, and we're especially proud to have received such positive feedback regarding workplace safety,' says Scott Morris, Managing Director at Infoblox for Australia and New Zealand. 'Our purpose is to help customers protect their critical networks and advocate for DDI security. But this is only possible through the incredible talent of our employees and creating a supportive environment where everybody is equal.' The recognition comes following the opening of Infoblox's new Australian headquarters in Sydney. The new offices include a customer and partner training and collaboration suite, and are located in the heart of the fast-growing North Sydney tech hub. Vice President of Global Recognition at Great Place To Work, Sarah Lewis-Kulin, highlighted that the influence of leadership within organisations is more critical than ever in 2025. 'Great Place To Work Certification is a highly coveted achievement that requires consistent and intentional dedication to the overall employee experience," says Sarah Lewis-Kulin. She emphasises that the certification is the sole official recognition earned by the real-time feedback of employees regarding their company culture. 'By successfully earning this recognition, it is evident that Infoblox stands out as one of the top companies to work for, providing a great workplace environment for its employees." The recognition follows Infoblox's recent success sponsoring the Women in Cyber summit which took place in Canberra earlier this year. About Infoblox Infoblox unites networking, security and cloud to form a platform for operations that's as resilient as it is agile. Trusted by 13,000+ customers, including 92 of the Fortune 100, we seamlessly integrate, secure and automate critical network services so businesses can move fast without compromise. Visit or follow us on LinkedIn , or X.
Tahawul Tech
04-06-2025
- Business
- Tahawul Tech
Threat Intel must adapt to disruptive adversarial GenAI
Bart Lenaerts, Senior Product Marketing Manager, Infoblox, explores how cyber adversaries are increasingly leveraging Generative AI (GenAI), especially Large Language Models (LLMs), to enhance their attacks through social engineering, deception, and code obfuscation. Generative AI, particularly Large Language Models (LLM), is enforcing a transformation in cybersecurity. Adversaries are attracted to GenAI as it lowers entry barriers to create deceiving content. Actors do this to enhance the efficacy of their intrusion techniques like social engineering and detection evasion. This article provides common examples of malicious GenAI usage like deepfakes, chatbot automation and code obfuscation. More importantly, it also makes a case for early warnings of threat activity and usage of predictive threat intelligence capable of disrupting actors before they execute their attacks. Example 1: Deepfake scams using voice cloning At the end of 2024, the FBI warned that criminals were using generative AI to commit fraud on a larger scale, making their schemes more believable. GenAI tools like voice cloning reduce the time and effort needed to deceive targets with trustworthy audio messages. Voice cloning tools can even correct human errors like foreign accents or vocabulary that might otherwise signal fraud. While creating synthetic content isn't illegal, it can facilitate crimes like fraud and extortion. Criminals use AI-generated text, images, audio, and videos to enhance social engineering, phishing, and financial fraud schemes. Especially worrying is the easy access cybercriminals have to these tools and the lack of security safeguards. A recent Consumer Reports investigation[1] on six leading publicly available AI voice cloning tools discovered that five have bypassable safeguards, making it easy to clone a person's voice even without their consent. Voice cloning technology works by taking an audio sample of a person speaking and then extrapolating that person's voice into a synthetic audio file. However, without safeguards in place, anyone who registers an account can simply upload audio of an individual speaking, such as from a TikTok or YouTube video, and have the service imitate them. Voice cloning has been utilized by actors in various scenarios, including large-scale deep-fake videos for cryptocurrency scams or the imitation of voices during individual phone calls. A recent example that garnered media attention is the so-called 'grandparent' scams[2], where a family emergency scheme is used to persuade the victim to transfer funds. Example 2: AI-powered chat boxes Actors often pick their victims carefully by gathering insights on their interests and set them up for scams. Initial research is used to craft the smishing message and trigger the victim into a conversation with them. Personal notes like 'I read your last social post and wanted to become friends' or 'Can we talk for a moment?' are some examples our intel team discovered (step 1 in picture 2). While some of these messages may be extended with AI-modified pictures, what matters is that actors invite their victims to the next step, which is a conversation on Telegram or another actor controlled medium, far away from security controls (step 2 in picture 2). Once the victim is on the new medium, the actor uses several tactics to continue the conversation, such as invites to local golf tournaments, Instagram following or AI-generated images. These AI bot-driven conversations go on for weeks and include additional steps, like asking for a thumbs-up on YouTube or even a social media repost. At this moment, the actor is trying to assess their victims and see how they respond. Sooner or later, the actor will show some goodwill and create a fake account. Each time the victim reacts positively to the actor's request, the amount of currency in the fake account will increase. Later, the actor may even request small amounts of investment money, with an ROI of more than 25 percent. When the victim asks to collect their gains (step 3 in picture 2), the actor requests access to the victim's crypto account and exploits all established trust. At this moment, the scamming comes to an end and the actor steals the crypto money in the account. While these conversations are time-intensive, they are rewarding for the scammer and can lead to ten-thousands of dollars in ill-gotten gains. By using AI-driven chat boxes, actors have found a productive way to automate the interactions and increase the efficiency of their efforts. InfoBlox Threat Intel tracks these scams to optimize threat intelligence production. Common characteristics found in malicious chat boxes include: AI grammar errors, such as an extra space after a period, referencing foreign languages Using vocabulary that includes fraud-related terms Forgetting details from past conversations Repeating messages mechanically due to poorly trained AI chatbots (also known as parroting) Making illogical requests, like asking if you want to withdraw your funds at irrational moments in the conversation Using false press releases posted on malicious sites Opening conversations with commonly used phrases to lure the victim Using specific cryptocurrency types used often in criminal communities The combinations of these fingerprints allow threat intel researchers to observe emerging campaigns, track back the actors and their malicious infrastructure. Example 3: Code obfuscation and evasion Threat actors are using GenAI not only for creating human readable content. Several news outlets explored how GenAI assists actors in obfuscating their malicious codes. Earlier this year Infosecurity Magazine[3] published details of how threat researchers at HP Wolf discovered social engineering campaigns spreading VIP Keylogger and 0bj3ctivityStealer malware, both of which involved malicious code being embedded in image files. With a goal to improve the efficiency of their campaign, actors are repurposing and stitching together existing malware via GenAI to evade detection. This approach also assists them in gaining velocity in setting up threat campaigns and reducing the skills needed to construct infection chains. Industry threat research HP Wolf estimates evasion increments of 11% for email threats while other security vendors like Palo Alto Networks estimate[4] that GenAI flipped their own malware classifier model's verdicts 88% of the time into false negatives. Threat actors are clearly making progress in their AI driven evasion efforts. Making the case for modernising threat research As AI driven attacks pose plenty of detection evasion challenges, defenders need to look beyond traditional tools like sandboxing or indicators derived from incident forensics to produce effective threat intelligence. One of these opportunities can be found by tracking pre-attack activities instead of sending the last suspicious payload to a slow sandbox. Just like your standard software development lifecycle, threat actors go through multiple stages before launching attacks. First, they develop or generate new variants for the malicious code using GenAI. Next, they set up the infrastructure like email delivery networks or hard to trace traffic distribution systems. Often this happens in combination with domain registrations or worse hijacking of existing domains. Finally, the attacks go into 'production' meaning the domains become weaponised, ready to deliver malicious payload. This is the stage where traditional security tools attempt to detect and stop threats because it involves easily accessible endpoints or networks egress points within the customer's environment. Because of evasion and deception by GenAI tools, this point of detection may not be effective as the actors continuously alter their payloads or mimic trustworthy sources. The Value of Predictive Intelligence Based on DNS Telemetry To stay ahead of these evolving threats, organisations should consider leveraging predictive intelligence derived from DNS telemetry. DNS data plays a crucial role in identifying malicious actors and their infrastructure before attacks even occur. Unlike payloads that can be altered or disguised using GenAI, DNS data is inherently transparent across multiple stakeholders—such as domain owners, registrars, domain servers, clients, and destinations—and must be 100% accurate to ensure proper connectivity. This makes DNS an ideal source for threat research, as its integrity makes it less susceptible to manipulation. DNS analytics also provides another significant advantage: domains and malicious DNS infrastructures are often configured well in advance of an attack or campaign. By monitoring new domain registrations and DNS records, organisations can track the development of malicious infrastructure and gain insights into the early stages of attack planning. This approach enables the identification of threats before they're activated. Conclusion The evolving landscape of AI and the impact on security is significant. With the right approaches and strategies, such as predictive intelligence derived from DNS, organizations can truly get ahead of GenAI risks and ensure that they don't become patient zero. [1] [2] [3] [4] Image Credit: Infoblox
Scoop
21-05-2025
- Scoop
New Cyber Threat ‘Hazy Hawk' Hijacks Major Domains – Are You At Risk?
Press Release – Infoblox Infoblox Threat Intel has tracked some of this activity to a threat actor, dubbed Hazy Hawk, that uses hijacked domains to conduct large-scale scams and malware distribution. Hazy Hawk is a sophisticated threat actor that hijacks forgotten DNS records from …Subdomain hijacking through abandoned cloud resources is an issue that probably every major organisation has experienced, and these attacks are on the rise. Infoblox Threat Intel has tracked some of this activity to a threat actor, dubbed Hazy Hawk, that uses hijacked domains to conduct large-scale scams and malware distribution. This discovery highlights the critical need for organisations to manage their domain name systems (DNS) records and cloud resources vigilantly. Hazy Hawk is a sophisticated threat actor that hijacks forgotten DNS records from discontinued cloud services such as Amazon S3 buckets and Azure endpoints. By taking control of these abandoned resources, Hazy Hawk is able to host malicious URLs that lead unsuspecting users to scams and malware. Identifying vulnerable DNS records in the cloud is significantly more challenging than identifying regular unregistered domains. As cloud usage has grown, the number of abandoned 'fire and forget' resources has skyrocketed. Especially for those companies that do not use a comprehensive visibility and management solution for managing all their assets across their digital real estate. Hazy Hawk has successfully hijacked subdomains of reputable organisations, including the U.S. Center for Disease Control (CDC), various government agencies, universities, and international companies since December 2024. Hazy Hawk Details: Sophisticated Techniques: Unlike traditional domain hijackers, Hazy Hawk targets DNS misconfigurations in the cloud and must have access to commercial passive DNS services to do so Wide-Reaching Impact: The hijacked domains are used to distribute a variety of scams, including fake advertisements and malicious push notifications, affecting millions of users globally Economic Consequences: The scams facilitated by Hazy Hawk contribute to the multi-billion-dollar fraud market, with significant financial losses reported, particularly among the elderly population Obfuscation: Hazy Hawk uses layered defenses to protect its operations, including hijacking reputable domains, obfuscating URLs, and redirecting traffic through multiple domains Protective Measures To thwart threat actors like Hazy Hawk, organisations should implement robust DNS management practices, including regular audits of DNS records and prompt removal of records associated with discontinued cloud services. Additionally, users should be educated to deny push notification requests from unfamiliar websites to avoid falling victim to scams. For more information on Hazy Hawk read the full research Blog here.
Channel Post MEA
10-04-2025
- Business
- Channel Post MEA
Infoblox And Google Cloud Partner On Networking Security
Infoblox has announced it is collaborating with Google Cloud to simplify enterprise networking and security while helping organizations accelerate their cloud transformation journeys. Infoblox and Google Cloud are offering two new solutions to help enterprises address challenges in hybrid, multi-cloud networking and cybersecurity: Infoblox Universal DDI for Google's Cloud WAN is a fully integrated solution that combines the world-class, global Google Cloud Cross-Cloud Network infrastructure with Infoblox's industry-leading DNS and DHCP capabilities to transform enterprise networking. Google Cloud DNS Armor, powered by Infoblox, is a next-generation, native Protective DNS solution that provides robust and preemptive detection of malicious activity for Google Cloud workloads. 'The partnership with Google Cloud represents a strategic milestone in our commitment to innovation and mission to enhance cloud networking and security,' said Scott Harrell, president and CEO, Infoblox. 'It's a testament to the critical role that Protective DNS and DDI services play in managing and securing today's hybrid multi-cloud environments. Infoblox and Google Cloud are providing enterprises with tightly integrated, cloud-first solutions that enable secure connectivity while also reducing operational overhead. Together, our technologies are used to manage critical workloads at nearly every Fortune 100 company.' 'At Google Cloud, we are committed to building a cloud infrastructure with global scale that helps simplify operations for our customers,' said Muninder Singh Sambi, VP/GM, Networking, Google Cloud. 'Enabling a resilient and secure network is a critical component of that vision—bridging networking and security to help ensure seamless connectivity and performance. Infoblox has long been a leader in DDI and Protective DNS innovation, making them the ideal partner to help us deliver enterprise-grade network services in the cloud. By integrating Infoblox's technology into Google Cloud, we're making it easier for organizations to modernize, connect and scale their global operations with confidence.' As businesses today face growing challenges to simplify operations, strengthen security and stay agile, they require a more streamlined, integrated approach to networking and security. 'The partnership between Infoblox and Google Cloud marks a major leap forward in enterprise networking and security,' said Alfredo Rodriguez, vice president, cloud platform infrastructure, Sabre Corporation. 'By uniting their expertise, they are delivering scalable, intelligent solutions that simplify branch operations, fortify defenses and enable agile, efficient cloud connectivity.' Infoblox Universal DDI for Google's Cloud WAN The Infoblox Universal DDI integration with Google's Cloud WAN allows organizations to quickly deploy Universal DDI's NIOS-X as a Service with ease. Infoblox Universal DDI for Google's Cloud WAN provides infrastructure-free DNS and DHCP services, anywhere in the world, tightly integrated with the Google Cloud Cross-Cloud Network. The combination provides enterprises modernizing their infrastructure with enhanced performance, resiliency and scale across the globe. These integrated services greatly simplify infrastructure deployment and management, reducing total cost of ownership while helping to ensure the efficient delivery of applications, workloads and services to branches, data centers and users worldwide. This fully integrated, centrally managed solution unifies enterprise backbones, SD-WANs and enterprise-grade critical network services. And, when combined with Infoblox security offerings, Infoblox Universal DDI can be used as a single interception point to deploy consistent security policies across an entire hybrid cloud infrastructure. Infoblox Universal DDI for Google's Cloud WAN is available in the Google Cloud Marketplace. The Infoblox Universal DDI integration with Google's Cloud WAN allows organizations to quickly deploy Universal DDI's NIOS-X as a Service with ease. Infoblox Universal DDI for Google's Cloud WAN provides infrastructure-free DNS and DHCP services, anywhere in the world, tightly integrated with the Google Cloud Cross-Cloud Network. The combination provides enterprises modernizing their infrastructure with enhanced performance, resiliency and scale across the globe. These integrated services greatly simplify infrastructure deployment and management, reducing total cost of ownership while helping to ensure the efficient delivery of applications, workloads and services to branches, data centers and users worldwide. This fully integrated, centrally managed solution unifies enterprise backbones, SD-WANs and enterprise-grade critical network services. And, when combined with Infoblox security offerings, Infoblox Universal DDI can be used as a single interception point to deploy consistent security policies across an entire hybrid cloud infrastructure. Infoblox Universal DDI for Google's Cloud WAN is available in the Google Cloud Marketplace. DNS Armor, powered by Infoblox DNS Armor from Google Cloud leverages Infoblox's deep expertise in protective DNS and DNS-centric threat intelligence to secure cloud workloads, delivering simplified, scalable threat detection. The solution provides enhanced and preemptive security designed to integrate seamlessly without increasing operational complexity. It allows customers to inspect DNS communications for malicious activity, such as ransomware, command and control, data exfiltration, Zero Day DNS threats, domain generation algorithms and more. Infoblox's technology powers the DNS Armor service, and customers can activate and configure DNS threat detection directly on the Google Cloud console. Administrators can monitor DNS queries and access real-time DNS threat logs that enable early threat detection and a proactive security posture. DNS Armor can detect attacks 63 days before other solutions. The solution is easy for any Google Cloud customer to activate within the Google Cloud console. 'As cyber threats grow more sophisticated, the collaboration between Infoblox and Google Cloud delivers a game-changing approach to network security,' said Bob Walker, senior domain network engineer, Lloyds Banking Group. 'Google Cloud's DNS Armor, powered by Infoblox, harnesses the best of both technologies—cutting-edge DNS threat intelligence and scalable cloud architecture—to provide enterprises with robust protection against emerging threats.' 'Infoblox powers Google Cloud's DNS Armor with intelligence beyond just a DNS block list—tracking activity of potential adversaries to uncover and flag every corner of their malicious network,' said Chris Kissel, research vice president, security and trust, IDC. 'The first challenge to cybersecurity is it's typically reactive, and DNS Armor, powered by Infoblox, provides a preemptive solution to securing cloud workloads that doesn't add additional complexity or compute.'
