Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE. In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.

DNS 314

DNS Internet Internet Software 314

Security Affairs

FEBRUARY 9, 2021

Microsoft February 2021 Patch Tuesday addresses 56 vulnerabilities, including a flaw that is known to be actively exploited in the wild. The CVE-2021-1732 zero-day is an elevation of privilege issues that resides in the Windows Win32k component. “This is potentially wormable, although only between DNS servers.

DNS 98

DNS IoT Backups Mobile 98

Cisco Security

AUGUST 11, 2021

We looked at REvil, also known as Sodinokibi or Sodin, earlier in the year in a Threat Trends blog on DNS Security. In it we talked about how REvil/Sodinokibi compromised far more endpoints than Ryuk, but had far less DNS communication. Figure 1-DNS activity surrounding REvil/Sodinokibi. Deleting backups.

Ransomware 140

Ransomware DNS Encryption Backups 140

Webroot

JANUARY 26, 2022

In fact, phishing attacks spiked by 510% from just January – February 2020, according to the 2021 Threat Report. A defense in depth security posture utilizing DNS and endpoint detection as well as a sound backup strategy can give you confidence that you’re prepared to withstand even a successful phishing attack.

Phishing 102

Phishing DNS Backups Security Awareness 102

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. There was one peak in the attack, which lasted about 15 minutes.

DDOS 136

DDOS IoT Engineering DNS 136

Webroot

MAY 25, 2021

Be sure to choose vendors who provide the type of guidance, support, and enablement resources you need; who can and will advise you on how best to configure your cybersecurity and backup and disaster recovery systems; and who are invested in helping you ensure maximum return on the investment you and your customers are making in these solutions.

Phishing 143

Phishing DNS Backups Cyber threats 143

McAfee

SEPTEMBER 14, 2021

McAfee customers are protected from the malware/tools described in this blog. A more detailed blog with specific recommendations on using the McAfee portfolio and integrated partner solutions to defend against this attack can be found here. The hardcoded 208.67.222.222 resolves to a legitimate OpenDNS DNS server. brushupdata(.)com.

Malware 144

Malware DNS Accountability Manufacturing 144