Product
Suspicious processes on Windows hosts are making DNS queries to known, abused web services such as text-paste sites, file sharing platforms, and tunneling services, potentially indicating malware downloading or command and control activity.