Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Malvertising campaign targets Android users with advanced crypto-steal...
How are people in 15 countries leveraging AI for travel planning?
Insider threats cited alongside external attacks in terms of severity:...
How are people in 15 countries leveraging AI for travel planning?
North America financial institutions lead surge in financial regulator...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

Features

When legitimate URLs lead to dangerous destinations

By Victor Ng | Wednesday, August 6, 2025, 11:04 AM Asia/Singapore

When legitimate URLs lead to dangerous destinations

How often does your security team have to deal with cyber-attacks on end-users that employ techniques such as DNS poisoning and URL spoofing? I’ve had to deal with that in the last 15 years…

Cybercriminals have been manipulating how DNS resolves web addresses and silently redirect users to malicious lookalike sites that can install malware, harvest sensitive information, or serve ransomware. 

These risks are growing as hybrid and remote work environments expand attack surfaces, and as employees freely interact with online tools and AI platforms. And we need to nip them in the bud.

CybersecAsia finds out more in this Q&A with Paul Wilcox, VP, APJ, Infoblox.

Has DNS become a favored weapon in the cyber-attacker’s toolkit? If so, why?

Wilcox: DNS has become a key enabler in modern cyber-attacks, not just as the starting point, but as a tool that attackers actively exploit. Attackers use DNS to trick users into visiting fake websites, communicate with their own servers and even steal data, all while making it look like normal internet activity.

Every one of these activities starts with a DNS request. In fact, the US National Security Agency (NSA) found that 92% of cyber-attacks involve the use of DNS at some point in their execution.

That makes DNS a prime target; but it’s also a powerful tool for defenders when used correctly. 

For instance, at Infoblox, we put DNS at the center of our cybersecurity strategy. In a world where most defenses are reactive — waiting for something to go wrong — we take a preemptive approach. By embedding threat intelligence directly at the DNS layer, organizations can detect and block threats before they reach the endpoint, application or user.

How have hybrid and remote work environments exacerbated this cybersecurity challenge?

Wilcox: The shift to hybrid and remote work has massively expanded the attack surface. Employees are now connecting from everywhere — coffee shops, home networks, mobile hotspots — often bypassing traditional on-prem security controls and, in turn, amplifying DNS-related risks.

For instance, users connected to public Wi-Fi are particularly vulnerable to DNS spoofing. These environments are ripe for attackers to redirect users to malicious sites that install malware, often without the user ever realizing they’ve left a legitimate domain. In distributed work environments, attackers exploit this openness to sneak through undetected. Without consistent visibility into DNS activity across all digital activities and connections, organizations are flying blind.

A preemptive security approach embeds intelligence directly at the DNS layer, so threats can be blocked before they spread, regardless of a user’s location.

What are some AI-related developments that organizations and their employees need to be aware of?

Wilcox: The most pressing concern is the sheer scale and sophistication of AI-powered cyber-attacks. Generative AI allows attackers to produce highly convincing phishing attacks – not just en masse, but highly personalized, with perfect grammar, context-aware language and even with the tone of someone the victim knows.

We are also observing an increase in deepfake technology, where audio and video manipulation create a false sense of trust. In 2024, an employee in Hong Kong was tricked into transferring $25 million after a video call with a video of their deepfaked CFO.

This is especially concerning in the Asia Pacific region. A recent Cyber Security Agency of Singapore survey reported that 3 out of 4 Singaporeans could not tell apart a deepfake video from a real video, noting that the ability to spot deepfakes is not progressing at the same rate the technology is.

In today’s threat landscape, organizations cannot solely rely on their users to spot threats. That’s where DNS-centric preemptive security becomes vital. Traditional cybersecurity models wait for a first victim, or “patient zero,” to trigger a response. These approaches are no longer effective. Today’s attacks are targeted, AI-enhanced and often designed to make you patient zero.

That’s why preemptive security is critical. It’s critical to stop threats before they reach the user; before a malicious email is clicked, or a fake login page loads. By leveraging AI and machine learning, massive volumes of DNS traffic and threat signals can be turned into clear, actionable insights — helping security teams cut through alert fatigue and focus on what truly matters.

Advanced technology like AI has changed the speed and scale of attacks. Our defense strategy has to change as well: by embedding intelligence earlier in the cyber kill chain, closer to the infrastructure and away from the end user.

What can organizations do to protect this critical layer of their digital infrastructure?

Wilcox: One of the most important shifts we’re seeing in cybersecurity is the move away from the old “patient zero” model. For years, security strategies relied on detecting malware only after someone else had been hit — learning from their misfortune and updating defenses accordingly.

But that model is breaking down. Today’s threat actors are increasingly crafting attacks that are targeted and tailored, not just to a specific industry, but to individual organizations and even employees. That means the chance of you being patient zero increases drastically, and by the time traditional tools catch on, it’s already too late.

To stay ahead, organizations need a proactive approach focused on cutting off the communication channels that threats rely on, before an attacker can establish a foothold, move laterally, or exfiltrate data. The DNS layer is uniquely suited for this because almost every connection attempt, whether legitimate or malicious, starts with a DNS query.

By combining real-time DNS analytics with predictive intelligence, such as identifying suspicious infrastructure before it’s weaponized, organizations can stop threats before they have an opportunity to execute.

The future of cybersecurity isn’t just about reacting faster; it’s about intervening earlier. Security must be woven in at the infrastructure level to prevent threats from ever reaching their target. In a world of fast-moving, tailored attacks, that level of preemptive protection is no longer a luxury – it’s essential.

 

Share:

PreviousUzum Secures $70M Equity Financing Led by Tencent and VR Capital, Reaches $1.5B Valuation
NextDo corporations know the various AI risks that come with insufficient data security preparedness?

Related Posts

Securing apps, data and the edge throughout the DX journey

Securing apps, data and the edge throughout the DX journey

Tuesday, March 22, 2022

Should governments have carte blanche over the surveillance data collected?

Should governments have carte blanche over the surveillance data collected?

Friday, March 12, 2021

Without cyber insurance, India businesses are sitting ducks

Without cyber insurance, India businesses are sitting ducks

Tuesday, June 1, 2021

Amid WFH/hybrid-working trends, what keeps APAC CISOs sleepless?

Amid WFH/hybrid-working trends, what keeps APAC CISOs sleepless?

Friday, June 10, 2022

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.