Remove 2015 Remove DNS Remove Encryption
article thumbnail

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. ” continues the post.

DDOS 145
article thumbnail

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications. “ Fortinet products, including FortiGate and Forticlient regularly send information to Fortinet servers (DNS: guard.fortinet.com) on. Pierluigi Paganini.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS 109
article thumbnail

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates.

article thumbnail

Experts warn of a surge in activity associated FICORA and Kaiten botnets

Security Affairs

Some of the vulnerabilities exploited by the botnets are CVE-2015-2051 , CVE-2019-10891 , CVE-2022-37056 , and CVE-2024-33112. The malware’s configuration, including its C2 server domain and a unique string, is encrypted using the ChaCha20 algorithm. ” reads the report published by Fortinet.

article thumbnail

Your Work Email Address is Your Work's Email Address

Troy Hunt

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not only do they control the access rights to the mailbox, they also control DNS and MX records therefore they control the routing of emails.

article thumbnail

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the report.

IoT 145