Security Affairs

MAY 1, 2021

The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE flaws. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, BIND). Follow me on Twitter: @securityaffairs and Facebook.

DNS 118

DNS Software Internet Internet 118

Security Affairs

MAY 24, 2024

The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provided by vendors like Fortinet or QNAP, carries cybersecurity implications. It increases the discoverability of customer devices by attackers.

DNS 106

DNS Manufacturing Firewall Internet 106

Security Affairs

SEPTEMBER 23, 2020

Qurium analyzes the blocking implemented by four different operators in Belarus Belarus operators use their own infrastructure to implement the blocking Block techniques include transparent web proxies, injection of HTTP responses, stateless and stateful SSL DPI and fake DNS responses. Qurium forensics report: Internet blocking in Belarus.

Internet 115

Internet Internet DNS Advertising 115

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking 200

Hacking Accountability Data breaches Marketing 200

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The malicious code can also perform DNS and HTTP hijacking within private IP spaces.

Malware 95

Malware DNS Authentication Telecommunications 95

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 92

Hacking Firmware Authentication DNS 92

Security Affairs

JULY 14, 2019

The UK’s National Cyber Security Centre (NCSC) issued a security advisory to warn organizations of DNS hijacking attacks and provided recommendations this type of attack. “In January 2019 the NCSC published an alert to highlight a large-scale global campaign to hijack Domain Name Systems (DNS).”

DNS 76

DNS Social Engineering Accountability Advertising 76

Security Affairs

MARCH 21, 2024

Researchers from the CISPA Helmholtz Center for Information Security (Germany) devised a new denial-of-service (DoS) attack, called loop DoS attack, that hundreds of thousands of internet-facing systems from major vendors. DNS, NTP, and TFTP) protocols. “The vulnerability affects both legacy (e.g.,

DNS 112

DNS Internet Internet Information Security 112

Security Affairs

AUGUST 4, 2022

“The attack can be performed without user interaction if the management interface of the device has been configured to be internet facing. “By default, this attack is reachable on the LAN and may be reachable via the internet (WAN) as well if the user has enabled remote web management on their device. Pierluigi Paganini.

Hacking 96

Hacking Internet Internet Passwords 96

Security Affairs

FEBRUARY 12, 2024

If you’re unsure, avoid entering sensitive information or use a privacy screen to block prying eyes. DNS Spoofing DNS (Domain Name System) is like the internet’s phone book, translating domain names into IP addresses. Use a VPN to encrypt your internet traffic and avoid connecting to unfamiliar Wi-Fi networks.

DNS 116

DNS VPN Encryption Passwords 116

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. SecurityAffairs – TalkTalk, hacking).

Hacking 78

Hacking DNS Cryptocurrency Accountability 78

Security Affairs

SEPTEMBER 15, 2021

Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content. According to the hackers, stolen data includes: Domain purchases Domain transfers WHOIS history DNS changes Email forwards, catch-alls, etc. SecurityAffairs – hacking, Anonymous).

Hacking 104

Hacking Data breaches DNS Media 104

Security Affairs

AUGUST 10, 2020

An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference , explained that satellite internet communications are susceptible to eavesdropping and signal interception.

Internet 87

Internet Internet Advertising Encryption 87

Security Affairs

MARCH 28, 2024

CVE-2024-20307 – CVE-2024-20308 (CVSS score 8.6) – Multiple vulnerabilities in the Internet Key Exchange version 1 (IKEv1) fragmentation feature of Cisco IOS Software and Cisco IOS XE Software. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Cisco )

Software 108

Software Wireless DNS Internet 108

Security Affairs

MAY 1, 2023

While analyzing billions of DNS records, Infoblox researchers discovered a sophisticated malware toolkit, dubbed Decoy Dog, that was employed in attacks aimed at enterprise networks. The researchers pointed out that while the malware is open source, deploying it as a DNS C2 requires a significant effort. ” concludes the report.

Malware 70

Malware DNS Education Media 70

Security Affairs

FEBRUARY 16, 2019

Russia plans to disconnect the country from the internet as part of an experiment aimed at testing the response to cyber attacks that should isolate it. Russia plans to conduct the country from the Internet for a limited period of time to conduct a test aimed at assessing the security of its infrastructure.

Internet 85

Internet Internet DNS Cyber Attacks 85

The Security Ledger

DECEMBER 29, 2021

Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the. Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the mistakes that are evident in the response to Log4j aren’t repeated. . Read the whole entry. »

DNS 98

DNS Internet Internet Cyber Attacks 98

Security Affairs

AUGUST 10, 2020

Our findings show that both Telenor and MPT block websites using DNS tampering. MPT is ignoring the DNS requests to the blocked domains, while Telenor is redirecting them to an IP address outside of the country. The mail account hostmaster@urlblocked.pw, published as contact details in DNS, bounces all incoming mails.

Internet 70

Internet Internet Telecommunications DNS 70

Security Affairs

JANUARY 16, 2023

Milisic purchased the T95 Android TV box to run Pi-hole , which is a Linux network-level advertisement and Internet tracker blocking application. Milisic also devised a trick to block the malware using the Pi-hole to change the DNS of the command and control server, YCXRL.COM to 127.0.0.2. SecurityAffairs – hacking, malware).

Malware 94

Malware Firmware DNS Internet 94

Security Affairs

JUNE 22, 2021

The DirtyMoe rootkit was delivered via malspam campaigns or served by malicious sites hosting the PurpleFox exploit kit that triggers vulnerabilities in Internet Explorer, such as the CVE-2020-0674 scripting engine memory corruption vulnerability. SecurityAffairs – hacking, botnet). ” continues the report. . Pierluigi Paganini.

DNS 122

DNS Cryptocurrency Internet Internet 122

Security Affairs

APRIL 24, 2021

Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON. He is best known for his study on DNS cache poisoning and for his investigation into the Sony Rootkit attacks. SecurityAffairs – hacking, Kaminsky).

Cybersecurity 142

Cybersecurity InfoSec DNS Hacking 142

Security Affairs

NOVEMBER 15, 2021

The attack was launched by a Mirai botnet variant composed of 15,000 bots, it combined DNS amplification attacks and UDP floods. The botnet included Internet of Things (IoT) devices and GitLab instances. “This was a multi-vector attack combining DNS amplification attacks and UDP floods. Pierluigi Paganini.

DDOS 121

DDOS DNS IoT Internet 121

Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. .

Media 105

Media Accountability Telecommunications Government 105

Security Affairs

OCTOBER 4, 2021

John Graham-Cumming , CTO at Cloudflare, reported that some minutes before Facebook’s DNS outage began they observed a large number of BGP changes for Facebook’s ASN a circumstance that suggests BGP routing problems. SecurityAffairs – hacking, social network). This is what it looked like to @Cloudflare. Relax everyone.

DNS 107

DNS Internet Internet Security Awareness 107

Security Affairs

APRIL 21, 2022

Umbrella is Cisco’s cloud-based Secure Internet Gateway (SIG) platform that provides users with multiple levels of defense against internet-based threats. Umbrella integrates secure web gateway, firewall, DNS-layer security, and cloud access security broker (CASB) functionality to protect systems against threats.

DNS 107

DNS Firewall Internet Internet 107

Security Affairs

FEBRUARY 5, 2021

The hacking group TeamTNT has been employing a new piece of malware, dubbed Hildegard, in a series of attacks targeting Kubernetes systems. Below the attack chain documented by the reseachers from Palo Alto Networks: The attacker targeted an unsecured Kubelet on the internet and searched for containers running inside the Kubernetes nodes.

Malware 107

Malware DNS Cryptocurrency Internet 107

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9 SecurityAffairs – hacking, newsletter).

Data breaches 97

Data breaches Mobile Ransomware DNS 97

Security Affairs

DECEMBER 22, 2020

Security experts shared lists of organizations that were infected with the SolarWinds Sunburst backdoor after decoding the DGA mechanism. Security experts started analyzing the DGA mechanism used by threat actors behind the SolarWinds hack to control the Sunburst / Solarigate backdoor and published the list of targeted organizations.

Hacking 136

Hacking Banking Manufacturing DNS 136

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S.

Cryptocurrency 79

Cryptocurrency Data breaches DNS DDOS 79

Security Affairs

DECEMBER 19, 2022

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. SecurityAffairs – hacking, Glupteba botnet). Pierluigi Paganini.

DNS 93

DNS Antivirus Cryptocurrency Software 93

Security Affairs

SEPTEMBER 22, 2021

For the specific DNS-based MITM attack used above, the attacker must race DNS queries from the Circle update daemon. Other MitM attacks that do not rely on DNS manipulation will also allow an attacker to exploit this vulnerability.” SecurityAffairs – hacking, SOHO). ” concludes the report. Pierluigi Paganini.

DNS 123

DNS Firmware VPN Risk 123

Security Affairs

JULY 19, 2020

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 273 appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DNS 74

DNS Advertising Surveillance Malware 74

Security Affairs

OCTOBER 28, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. At the end of 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the DNS protocol for C2 communications.

DNS 101

DNS Banking Advertising IoT 101

Security Affairs

JUNE 16, 2020

The flaws can be exploited for remote code execution, denial-of-service (DoS) attacks, and for obtaining potentially sensitive information. A remote attacker could exploit the flaw by sending specially crafted IP packets or DNS requests to the vulnerable devices. SecurityAffairs – Ripple20, hacking). Pierluigi Paganini.

Hacking 65

Hacking IoT Advertising DNS 65

Security Affairs

OCTOBER 29, 2020

In early 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the anchor_dns tool for abusing the DNS protocol for C2 communications. SecurityAffairs – hacking, ransomware). The post FBI, CISA alert warns of imminent ransomware attacks on healthcare sector appeared first on Security Affairs.

Healthcare 140

Healthcare Ransomware Cybercrime Advertising 140

Security Affairs

JULY 15, 2020

Today we released an update for CVE-2020-1350 , a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions.

DNS 58

DNS Advertising Engineering Internet 58

Security Affairs

MARCH 10, 2021

Microsoft’s March Patch Tuesday security updates address 89 vulnerabilities in its products, including Microsoft Windows components, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, Visual Studio, and Windows Hyper-V.

Internet 74

Internet Internet DNS Hacking 74