Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE. In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.

DNS 324

DNS Internet Internet Software 324

Security Affairs

FEBRUARY 9, 2021

Microsoft February 2021 Patch Tuesday addresses 56 vulnerabilities, including a flaw that is known to be actively exploited in the wild. The CVE-2021-1732 zero-day is an elevation of privilege issues that resides in the Windows Win32k component. “This is potentially wormable, although only between DNS servers.

DNS 98

DNS IoT Backups Mobile 98

Cisco Security

AUGUST 11, 2021

We looked at REvil, also known as Sodinokibi or Sodin, earlier in the year in a Threat Trends blog on DNS Security. In it we talked about how REvil/Sodinokibi compromised far more endpoints than Ryuk, but had far less DNS communication. Figure 1-DNS activity surrounding REvil/Sodinokibi. Deleting backups.

Ransomware 129

Ransomware DNS Encryption Backups 129

Webroot

JANUARY 26, 2022

In fact, phishing attacks spiked by 510% from just January – February 2020, according to the 2021 Threat Report. A defense in depth security posture utilizing DNS and endpoint detection as well as a sound backup strategy can give you confidence that you’re prepared to withstand even a successful phishing attack.

Phishing 102

Phishing DNS Backups Security Awareness 102

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. There was one peak in the attack, which lasted about 15 minutes.

DDOS 135

DDOS IoT Engineering DNS 135

Webroot

MAY 25, 2021

Be sure to choose vendors who provide the type of guidance, support, and enablement resources you need; who can and will advise you on how best to configure your cybersecurity and backup and disaster recovery systems; and who are invested in helping you ensure maximum return on the investment you and your customers are making in these solutions.

Phishing 143

Phishing DNS Backups Cyber threats 143

Security Boulevard

APRIL 4, 2022

The previous version, ACME v1, was deprecated on June 1st, 2021. On September 15, 2021, the DNS records for acme-v01.api.letsencrypt.org CA agility with flexibility to add and support backup CAs. You can read all about the key points of how ACME works in this blog. api.letsencrypt.org were removed. UTM Medium.

Encryption 52

Encryption Authentication DNS Risk 52