{"id":5876,"date":"2021-01-19T12:19:44","date_gmt":"2021-01-19T20:19:44","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5876"},"modified":"2024-04-26T13:20:58","modified_gmt":"2024-04-26T20:20:58","slug":"adopting-encrypted-dns","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/","title":{"rendered":"Adopting Encrypted DNS"},"content":{"rendered":"<p>Author: Eric Patterson<\/p>\n<p>TLP:WHITE<\/p>\n<p>&nbsp;<\/p>\n<h3>1.\u00a0 Executive Summary<\/h3>\n<p>On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for <em>Adopting Encrypted DNS in Enterprise Environments.<sup>1<\/sup><\/em><sup>,2<\/sup> The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise&#8217;s query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise&#8217;s security stack if not configured correctly.<\/p>\n<p>Enterprises should also be aware that DoH is not the only encrypted DNS protocol that exists; DNS over Transport Layer Security (TLS) known as DoT and DoH that makes use of a proxy, known as Oblivious DoH, are other methods of encrypting DNS traffic. Implementing the mitigations below will also apply to securing DoT and Oblivious DoH.<\/p>\n<p>NSA also notes that for home or mobile users and those that do not use DNS security products, DoH can be beneficial for safeguarding DNS queries\/responses from unauthorized passive monitoring.<\/p>\n<h3>2.\u00a0 Prevention and Mitigation<\/h3>\n<p>To help secure the use of DoH, NSA released a set of recommendations for those in enterprise IT environments. The list is by no means exhaustive:<\/p>\n<ul>\n<li><strong><em>Avoid a false sense of security <\/em><\/strong>&#8211; DoH is not an end all be all security solution. DoH is only designed to encrypt the query\/response traffic from a client to DNS resolver and does not extend beyond that to other Internet traffic. Maintaining other security safeguards to prevent cyber attacks is still a necessity for enterprises.<\/li>\n<li><strong><em>Only use the enterprise DNS resolver and disable all others <\/em><\/strong>&#8211; Create enterprise network\/firewall rules that block\/deny access to known DoH resolvers and establish a set of trusted DoH resolvers within the enterprise to handle client queries.<\/li>\n<li><strong><em>Block unauthorized DoH resolvers and traffic <\/em><\/strong>&#8211; Block unauthorized DoH and DoT traffic and resolvers to mitigate unauthorized resolver usage from outside devices connecting to the enterprise network (e.g. \u201cbring your own device\u201d or BYOD). Additionally, for applications that have native DoH capabilities (e.g. Firefox, Chrome, etc.), create enterprise policies that either disable this feature or force the applications to use enterprise-managed internal DoH resolvers.<\/li>\n<li><strong><em>Utilize host and device DNS logs<\/em><\/strong> &#8211; Purely relying on network monitoring tools for DNS traffic inspection will be insufficient. Incorporating DNS logging on all devices and including threat reputation services can help increase visibility and traffic filtering.<\/li>\n<li><strong><em>Consider a virtual private network (VPN) for additional privacy protection <\/em><\/strong>&#8211; To mitigate concerns about passive surveillance, especially with the recent push of remote working, use VPNs with current TLS versions.<\/li>\n<li><strong><em>Validate DNSSEC and use protective DNS capabilities <\/em><\/strong>&#8211; Establish security (e.g. DNSSEC) around the DNS process not protected by DoH and ensure enterprise DNS resolvers validate those parts of the process.<\/li>\n<li><strong><em>Disable DoT traffic traffic by blocking port 853<\/em><\/strong> &#8211; DNS-over-TLS uses the dedicated TCP port 853 and enterprises can block and log this traffic at the network perimeter.<strong>\u00a0<\/strong><\/li>\n<\/ul>\n<h3>Endnotes<\/h3>\n<ol>\n<li><a href=\"https:\/\/media.defense.gov\/2021\/Jan\/14\/2002564889\/-1\/-1\/0\/CSI_ADOPTING_ENCRYPTED_DNS_U_OO_102904_21.PDF\">https:\/\/media.defense.gov\/2021\/Jan\/14\/2002564889\/-1\/-1\/0\/CSI_ADOPTING_ENCRYPTED_DNS_U_OO_102904_21.PDF<\/a><\/li>\n<li><a href=\"https:\/\/www.icann.org\/en\/system\/files\/files\/sac-109-en.pdf\">https:\/\/www.icann.org\/en\/system\/files\/files\/sac-109-en.pdf<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Author: Eric Patterson TLP:WHITE &nbsp; 1.\u00a0 Executive Summary On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":6739,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[554],"tags":[252,413,90,412,414],"class_list":{"0":"post-5876","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-threat-advisory","8":"tag-doh","9":"tag-dot","10":"tag-dot-doh","11":"tag-encrypted-dns","12":"tag-nsa","13":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Adopting Encrypted DNS<\/title>\n<meta name=\"description\" content=\"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise&#039;s query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise&#039;s security stack if not configured correctly.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Adopting Encrypted DNS\" \/>\n<meta property=\"og:description\" content=\"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise&#039;s query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise&#039;s security stack if not configured correctly.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-19T20:19:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:20:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"409\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Adopting Encrypted DNS\",\"datePublished\":\"2021-01-19T20:19:44+00:00\",\"dateModified\":\"2024-04-26T20:20:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/\"},\"wordCount\":529,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-01.jpg\",\"keywords\":[\"DoH\",\"DoT\",\"DoT\\\/DoH\",\"Encrypted DNS\",\"NSA\"],\"articleSection\":[\"Cyber Threat Advisory\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/\",\"name\":\"Adopting Encrypted DNS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-01.jpg\",\"datePublished\":\"2021-01-19T20:19:44+00:00\",\"dateModified\":\"2024-04-26T20:20:58+00:00\",\"description\":\"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise's query\\\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise's security stack if not configured correctly.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-01.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-01.jpg\",\"width\":612,\"height\":409,\"caption\":\"IT technician working on network servers and cables.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory\\\/adopting-encrypted-dns\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Threat Advisory\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/cyber-threat-advisory\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Adopting Encrypted DNS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Adopting Encrypted DNS","description":"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise's query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise's security stack if not configured correctly.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/","og_locale":"en_US","og_type":"article","og_title":"Adopting Encrypted DNS","og_description":"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise's query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise's security stack if not configured correctly.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/","og_site_name":"Infoblox Blog","article_published_time":"2021-01-19T20:19:44+00:00","article_modified_time":"2024-04-26T20:20:58+00:00","og_image":[{"width":612,"height":409,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Adopting Encrypted DNS","datePublished":"2021-01-19T20:19:44+00:00","dateModified":"2024-04-26T20:20:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/"},"wordCount":529,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg","keywords":["DoH","DoT","DoT\/DoH","Encrypted DNS","NSA"],"articleSection":["Cyber Threat Advisory"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/","name":"Adopting Encrypted DNS","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg","datePublished":"2021-01-19T20:19:44+00:00","dateModified":"2024-04-26T20:20:58+00:00","description":"Adopting Encrypted DNS. On 15 January, the National Security Agency (NSA) released an informational cybersecurity whitepaper for Adopting Encrypted DNS in Enterprise Environments.1,2 The paper outlines a growing shift away from the traditionally unencrypted Domain Name System (DNS) queries to DNS over HyperText Transport Protocol over Transport Layer Security (HTTPS), also known as DoH. DoH enhances security of an enterprise's query\/response traffic from DNS resolvers to clients, but because of its encrypted nature, can shield important information from an enterprise's security stack if not configured correctly.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-01.jpg","width":612,"height":409,"caption":"IT technician working on network servers and cables."},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory\/adopting-encrypted-dns\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Cyber Threat Advisory","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/cyber-threat-advisory\/"},{"@type":"ListItem","position":4,"name":"Adopting Encrypted DNS"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5876"}],"version-history":[{"count":4,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5876\/revisions"}],"predecessor-version":[{"id":5880,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5876\/revisions\/5880"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/6739"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}