Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits a rarely monitored part of the internet’s core infrastructure. Threat actors are abusing the special-use .arpa top-level domain and IPv6 reverse DNS mechanisms to bypass traditional phishing detection systems and deliver malicious content to unsuspecting users. The technique, identified by researchers at Infoblox, highlights how attackers are increasingly manipulating fundamental internet protocols rather than relying on conventional malicious domains. By leveraging reverse DNS infrastructure, trusted hosting providers and rapidly rotating hostnames, the campaign is able to evade many email security gateways and domain-reputation-based detection systems.

Submitted by /u/NeuraCyb-Intel
Threat actors are exploiting the .arpa top-level domain and IPv6 reverse DNS infrastructure to bypass traditional email security and domain reputation systems, using trusted hosting providers and rapid hostname rotation to evade detection.
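
A defender-side check for the pattern described above, as an added example that is not from the post or from Infoblox: it flags URLs in a message body whose host falls under `.arpa` and recovers the IPv6 prefix encoded in `ip6.arpa` nibble labels (RFC 3596). The function names, the sample message and the `2001:db8::/32` documentation prefix are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)

def decode_ip6_arpa(host):
    """Return (ipv6_prefix, extra_labels) for a name under ip6.arpa, else None."""
    labels = host.lower().rstrip(".").split(".")
    if labels[-2:] != ["ip6", "arpa"]:
        return None
    labels = labels[:-2]
    nibbles = []
    # RFC 3596: one hex nibble per label, least significant first,
    # so read from the right to get the most significant nibble first.
    while labels and len(nibbles) < 32 and re.fullmatch(r"[0-9a-f]", labels[-1]):
        nibbles.append(labels.pop())
    if not nibbles:
        return None
    addr = ipaddress.IPv6Address(int("".join(nibbles).ljust(32, "0"), 16))
    prefix = ipaddress.IPv6Network((addr, 4 * len(nibbles)))
    # Whatever is left of the nibble run is not part of the address.
    return str(prefix), labels

def find_arpa_urls(text):
    """List URLs whose host is under .arpa; such hosts are unusual in email links."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            host = (urlsplit(url).hostname or "").rstrip(".")
        except ValueError:  # malformed URL, nothing to classify
            continue
        if not host.endswith(".arpa"):
            continue
        decoded = decode_ip6_arpa(host)
        hits.append({"url": url, "host": host,
                     "ipv6_prefix": decoded[0] if decoded else None,
                     "extra_labels": decoded[1] if decoded else []})
    return hits

# Constructed sample message body (documentation prefix 2001:db8::/32).
SAMPLE = ("Your invoice is ready: https://www.example.com/inv/1\n"
          "Confirm here: http://host1.1.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa/verify\n")

if __name__ == "__main__":
    for hit in find_arpa_urls(SAMPLE):
        print(hit["host"], "->", hit["ipv6_prefix"], hit["extra_labels"])
```

The recovered prefix gives an analyst an address range to look up and block on, which a domain-reputation lookup of the hostname alone does not provide.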