Threat actors are using DNS tunneling to scan for network vulnerabilities and check the success of phishing campaigns, according to new research from Palo Alto Networks. The security vendor’s Unit 42 explained in a blog post yesterday that DNS tunneling is usually deployed as a means to bypass security filters by hiding malicious traffic in DNS packets.

Source: Infosecurity