Penetration Testing

MAY 23, 2024

This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS 145

DNS DDOS Internet Internet 145

Penetration Testing

JULY 24, 2024

The Internet Systems Consortium (ISC), the maintainers of the widely-used BIND Domain Name System (DNS) server software, has released critical security updates to address four high-severity vulnerabilities.

DNS 70

DNS Internet Internet Software 70

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide. ” concludes the report.

DNS 120

DNS Firewall DDOS Hacking 120

SecureBlitz

JUNE 19, 2024

This post will show you the best DNS, IP, and WebRTC leak test sites. DNS, IP, and WebRTC leaks happen every day when we browse the internet; because we use local ISPs, we are bound to have these leaks. Also, how to overcome the leaks.

DNS 83

DNS Internet Internet Cybersecurity 83

The Hacker News

JULY 24, 2024

The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. "A

DNS 92

DNS Software Cyber threats Internet 92

Bleeping Computer

MAY 13, 2024

Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. [.]

DNS 141

DNS Phishing 141

Tech Republic Security

NOVEMBER 27, 2023

With AdGuard DNS, you can block ads, customize parental controls and keep tabs on DNS requests coming in or out — all for the lowest price on the web.

DNS 143

DNS 143

The Last Watchdog

APRIL 18, 2023

Related: DNS — the good, bad and ugly Without DNS the World Wide Web never would never have advanced as far and wide as it has. However, due to its intrinsic openness and anonymity DNS has also become engrained as the primary communications mechanism used by cyber criminals and cyber warfare combatants.

DNS 208

DNS Internet Internet Cybersecurity 208

Security Boulevard

MAY 16, 2024

Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices. Microsoft calls this DNS server or servers the “protective DNS server.”.

DNS 57

DNS Firewall Engineering 57

Penetration Testing

JULY 26, 2024

Researchers have discovered a new critical vulnerability in the Domain Name System (DNS), which enables a specialized attack termed “TuDoor.”

DNS 45

DNS Internet Internet Cybersecurity 45

Security Affairs

JULY 26, 2024

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. An attacker can exploit these vulnerabilities to disrupt DNS services. ISC addressed four high-severity vulnerabilities (CVSS score of 7.5) In BIND 9 versions 9.18.1 through 9.18.27, 9.19.0

DNS 76

DNS Software Internet Internet 76

Bleeping Computer

MAY 3, 2024

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [.]

DNS 136

DNS VPN 136

The Hacker News

JUNE 11, 2024

Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023.

DNS 121

DNS Education Government Cybersecurity 121

eSecurity Planet

NOVEMBER 10, 2023

DNS security protects the domain name system (DNS) from attackers seeking to reroute traffic to malicious sites. Since a majority of business IT traffic now accesses or passes through the internet, DNS plays an increasingly important — and vulnerable — role. in the DNS cache for more efficient delivery of information to users.

DNS 107

DNS DDOS Encryption Authentication 107

Schneier on Security

FEBRUARY 25, 2020

This is good news : Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send a user to a malicious site. [.].

DNS 336

DNS Internet Internet Encryption 336

Security Boulevard

JULY 9, 2024

Operational resiliency necessitates intelligence, visibility, and confidence: the three foundational pillars of protective DNS (PDNS). This makes malware command-and-control, phishing attacks, DNS tunneling and a number of other attacks significantly less effective. But Wait, What Is Protective DNS?

DNS 62

DNS Cyber threats Cyber Attacks Phishing 62

Security Boulevard

JULY 17, 2024

The post New Integration: EasyDMARC Integrates with Entri to Simplify DNS Record Management appeared first on EasyDMARC. The post New Integration: EasyDMARC Integrates with Entri to Simplify DNS Record Management appeared first on Security Boulevard. Integration with other tools that help enhance your.

DNS 67

DNS 67

Bleeping Computer

APRIL 29, 2024

A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023. [.]

DNS 118

DNS Firewall 118

Penetration Testing

FEBRUARY 19, 2024

A proof-of-concept (PoC) was disclosed for a severe design flaw (CVE-2023-50387) in Domain Name System Security Extensions (DNSSEC), leaving DNS infrastructures vulnerable to widespread denial-of-service (DoS) attacks.

DNS 134

DNS Penetration Testing 134

Bleeping Computer

FEBRUARY 11, 2024

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. [.]

DNS 143

DNS Software 143

The Hacker News

APRIL 29, 2024

A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019.

DNS 140

DNS Internet Internet Cyber threats 140

The Hacker News

MARCH 5, 2024

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds.

DNS 117

DNS Scams Banking Accountability 117

Schneier on Security

APRIL 18, 2019

DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations.

DNS 260

DNS Internet Internet Risk 260

Bleeping Computer

MAY 3, 2024

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [.]

DNS 106

DNS VPN 106

CSO Magazine

MARCH 29, 2021

Being the backbone of the internet, the Domain Name System (DNS) protocol has undergone a series of improvements and enhancements over the past few years.

DNS 135

DNS Encryption Internet Internet 135

Heimadal Security

NOVEMBER 22, 2022

DNS scavenging is the process of removing stale DNS records, usually used together with DNS aging in order to free up space and improve system performance. In cybersecurity, in particular, DNS scavenging can help prevent DNS cache poisoning attacks and even reduce the chances of DNS servers being used in DDoS attacks.

DNS 96

DNS DDOS Cybersecurity 96

Bleeping Computer

FEBRUARY 28, 2024

A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns. [.]

DNS 113

DNS Scams 113

Bleeping Computer

OCTOBER 25, 2023

Microsoft is testing support for the Discovery of Network-designated Resolvers (DNR) internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. [.]

DNS 123

DNS Encryption Internet Internet 123

Bleeping Computer

JANUARY 22, 2024

Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts. [.]

DNS 127

DNS Malware Cryptocurrency 127

Security Boulevard

JUNE 9, 2022

Key Features of this attack: The new malware is a.NET based DNS Backdoor which is a customized version of the open source tool “DIG.net”. The malware leverages a DNS attack technique called "DNS Hijacking" in which an attacker- controlled DNS server manipulates the response of DNS queries and resolve them as per their malicious requirements.

DNS 98

DNS Energy and Utilities Malware Telecommunications 98

Heimadal Security

NOVEMBER 7, 2022

Encrypted DNS traffic is a type of DNS traffic secured in a way that no third party can intervene during a DNS resolution (the process of translating a domain name into an IP address). This means that no one can intercept the data changed during a DNS request, so the names of the websites and […].

DNS 103

DNS Encryption 103

Penetration Testing

JUNE 5, 2024

A massive DNS probing operation, dubbed “Secshow,” has been underway since June 2023, targeting open DNS resolvers worldwide.

DNS 56

DNS Cybersecurity 56

Security Boulevard

JUNE 13, 2024

At the core of this connectivity lies the […] The post The Importance Of Secure DNS In Enterprise Security Strategy appeared first on Security Boulevard. From the rise in applications across cloud and containers, connected IoT devices to cloud services and mobile apps, the demand for secure and reliable connectivity is imperative.

DNS 62

DNS IoT Mobile Internet 62

Bleeping Computer

MAY 6, 2021

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. [.].

DNS 143

DNS DDOS 143

Heimadal Security

FEBRUARY 23, 2023

DNS records or resource records (RR) contain various types of data about domain names and IP addresses. They are stocked in DNS databases on authoritative DNS servers. DNS records offer information about what IP address is associated with what domain, for example.

DNS 83

DNS Mobile Cybersecurity 83

Security Boulevard

FEBRUARY 13, 2021

DNS poisoning, also known as DNS cache poisoning or DNS spoofing, is a highly deceptive cyber attack in which hackers redirect web traffic toward fake web servers and phishing websites. The post What is DNS Poisoning? aka DNS Spoofing) | Keyfactor appeared first on Security Boulevard.

DNS 119

DNS Cyber Attacks Phishing 119

Dark Reading

JUNE 16, 2023

To properly secure DNS infrastructure, organizations need strong security hygiene around DNS infrastructure and records management as well as closely monitoring and filtering DNS traffic.

DNS 95

DNS Security Awareness 95