Oblivious DNS-over-HTTPS

Schneier on Security

This new protocol , called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with.

DNS 243

Firefox Enables DNS over HTTPS

Schneier on Security

This is good news : Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. browsers childpornography dns firefox https mozilla securityengineering terrorism

DNS 279
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Costly DNS Attacks on the Rise

Security Boulevard

While awareness of DNS security continues to grow, the cost, frequency and number of attacks remain high, while the pandemic and resulting hybrid work environments have resulted in huge disruption for organizations. The post Costly DNS Attacks on the Rise appeared first on Security Boulevard.

DNS 97

DNS over HTTPS, DNS over TLS explained: Encrypting DNS traffic

CSO Magazine

Being the backbone of the internet, the Domain Name System (DNS) protocol has undergone a series of improvements and enhancements over the past few years.

DNS 104

10 Threat Trends in DNS Security

Dark Reading

Cisco Security examines Cisco Umbrella data for trends in malicious DNS activity during 2020

DNS 91

New DNS Hijacking Attacks

Schneier on Security

DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations.

DNS 211

DNS Security

Adam Shostack

They asked us to look at the value of DNS security, such as when your DNS provider uses threat intel to block malicious sites. Just point to a DNS server like 9.9.9.9). The report is available from GCA’s site: Learn About How DNS Security Can Mitigate One-Third of Cyber Incidents. I’m happy to say that some new research by Jay Jacobs, Wade Baker, and myself is now available, thanks to the Global Cyber Alliance.

DNS 109

How DNS attacks threaten organizations

Tech Republic Security

Application downtime was the most significant side effect of a DNS attack, according to EfficientIP

DNS 170

TsuNAME flaw exposes DNS servers to DDoS attacks

Security Affairs

A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers. domains), and the Information Science Institute at the University of Southern California has discovered a vulnerability, named TsuNAME, in some DNS resolvers.

DNS 114

Blast Radius: DNS Takeovers

SecurityTrails

Patrik Hudak joins us to showcase his research into the impact DNS takeovers can have on companies. research

DNS 81

What is DNS Poisoning? (aka DNS Spoofing) | Keyfactor

Security Boulevard

DNS poisoning, also known as DNS cache poisoning or DNS spoofing, is a highly deceptive cyber attack in which hackers redirect web traffic toward fake web servers and phishing websites. The post What is DNS Poisoning?

DNS 97

DNS Global Outage Affected Websites and Online Services

Heimadal Security

A global DNS outage related to the Akamai company made quite a stir on Thursday. The post DNS Global Outage Affected Websites and Online Services appeared first on Heimdal Security Blog. Cybersecurity News DNS dns security global outage

DNS 83

NAME:WRECK DNS Bugs: What You Need to Know

Security Boulevard

That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. […]… Read More. The post NAME:WRECK DNS Bugs: What You Need to Know appeared first on The State of Security.

DNS 81

New Category of DNS Vulnerabilities Impacts Numerous DNSaaS Platforms

Heimadal Security

A brand-new category of DNS flaws that affects important DNS-as-a-Service (DNSaaS) suppliers has been recently discovered by cybersecurity specialists. The post New Category of DNS Vulnerabilities Impacts Numerous DNSaaS Platforms appeared first on Heimdal Security Blog.

DNS 87

Details on Recent DNS Hijacking

Schneier on Security

At the end of January the US Department of Homeland Security issued a warning regarding serious DNS hijacking attempts against US government domains. Brian Krebs wrote an excellent article detailing the attacks and their implications. Strongly recommended

DNS 147

DNS Filtering: A Top Battle Front Against Malware and Phishing

Threatpost

Peter Lowe with DNSFilter discusses the science behind domain name system (DNS) filtering and how this method is effective in blocking out phishing and malware. Podcasts black list content filtering DNS dns filtering Domain Name System internet filtering malware Phishing

DNS 96

What Is DNS And Why Should Your Business Care?

Adam Levin

Department of Homeland Security issued an emergency directive in January 2019 giving government agencies ten days to verify that they weren’t compromised by DNS hijacking. ICANN has been pointing out vulnerabilities in the DNS system since at least 2001 , and for the better part of the last decade urging companies to adopt the more secure Domain Name System Security Extensions, or DNSSEC. . What Is DNS and How Does It Get Hijacked? The U.S.

DNS 130

Threat Trends: DNS Security, Part 1

Cisco Security

After examining topics such as the MITRE ATT&CK framework , LOLBins , and others, this release will look at DNS traffic to malicious sites. We’ll also look at malicious DNS activity—the number of queries malicious sites receive. Organizations and malicious DNS activity.

DNS 112

Threat Trends: DNS Security, Part 2

Cisco Security

This is what we covered in part one of this Threat Trends release on DNS Security, using data from Cisco Umbrella , our cloud-native security service. This time we’ll be comparing yearly totals of DNS traffic to malicious sites, by industry. percent lower in overall DNS traffic.

DNS 110

DNS-over-HTTPS takes another small step towards global domination

Malwarebytes

Firefox recently announced that it will be rolling out DNS-over-HTTPS (or DoH) soon to one percent of its Canadian users as part of its partnership with CIRA (the Canadian Internet Registration Authority), the Ontario-based organization responsible for managing the.ca

DNS 97

Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software

Security Affairs

The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software. Some operating systems allow packets received via other protocols to affect PMTUD values for DNS over UDP.”

DNS 89

Corporate and Government Customers’ Data Exposed by DNS Vulnerabilities

Heimadal Security

cloud security analysts were searching through Amazon Web Services’ Route53 Domain Name Service (DNS) when they noticed all of a sudden that its self-service domain registration system allowed them to create a new hosted zone with the same name as the authentic AWS name server it was utilizing.

DNS 67

Enable secure DNS on your Chromebook: Here's how

Tech Republic Security

For a more secure experience, use DNS-over-HTTPS on your Chromebook. Jack Wallen shows you how

DNS 124

Google Announces DNS over HTTPS ‘General Availability’

Threatpost

Google finalizes its DNS-over-HTTPS service inching toward a world where DNS request are sent via HTTPS and not UDP or TCP. DNS over HTTPS DNS Spoofing DNS-over-HTTPS service HTTPSHacks Privacy Web Security 1.1.1.1

DNS 84

NSA Recommends Using Only 'Designated' DNS Resolvers

Dark Reading

Agency provides guidelines on securely deploying DNS over HTTPS, aka DoH

DNS 85

Brave browser leaks onion addresses in DNS traffic

Zero Day

DNS leak leaves footprints in DNS server logs for a Brave user's Tor traffic

DNS 114

New DNS vulnerability allows 'nation-state level spying' on companies

Bleeping Computer

Security researchers found a new class of DNS vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to access sensitive information from corporate networks. [.].

DNS 114

Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders

Threatpost

Microsoft is letting Windows Insiders test-drive DNS-over-HTTPS protocol in a pre-release build of Windows 10. Privacy Web Security chrome DNS DNS over HTTPS DNS-over-HTTPS service DoH DOT Firefox google HTTPS Microsoft Mozilla Windows 10 windows 10 build Windows Insider

DNS 91

New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

Bleeping Computer

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. [.].

DNS 113

Threat Trends: DNS Security

Cisco Security

After examining topics such as the MITRE ATT&CK framework , LOLBins , and others, this release will look at DNS traffic to malicious sites. We’ll also look at malicious DNS activity—the number of queries malicious sites receive. Organizations and malicious DNS activity.

DNS 65

New DNS Name Server Hijack Attack Exposes Businesses, Government Agencies

Dark Reading

Researchers found a "novel" class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step

DNS 86

How to enable secure DNS on your Chromebook

Tech Republic Security

Jack Wallen walks you through the process of using DNS-over-HTTPS on your Chromebook for a more secure experience

DNS 124

Black Hat: Novel DNS Hack Spills Confidential Corp Data

Threatpost

Threatpost interviews Wiz CTO about a vulnerability recently patched by Amazon Route53's DNS service and Google Cloud DNS. Cloud Security Hacks Vulnerabilities

DNS 88

New Proposed DNS Security Features Released

Dark Reading

Verisign's R&D team has developed new ways to authenticate and optimize DNS traffic on the client side of the domain-name resolution process

DNS 87

Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic

The Hacker News

Cybersecurity researchers have disclosed a new class of vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to exfiltrate sensitive information from corporate networks. "We

DNS 83

Critical DNS Bug Opens Windows Servers to Infrastructure Takeover

Threatpost

Vulnerabilities Web Security critical vulnerability CVE-2020-1350 DNS DNS NameServer dns.exe Domain Administrator HTTP request July Patch Tuesday Microsoft patch Microsoft Security Response Center security bug SigRed WinDNS Windows server wormable

DNS 99

VIPRE Endpoint Security and Encrypted DNS

Vipre

Most of you have probably heard about encrypted DNS (DNS-over-HTTPS or DoH, and DNS-over-TLS or DoT) and have noticed that several of the major browser vendors have rolled out support for these newer protocols. ” And we would agree: encrypted DNS does provide a convenient way for computer users to mask the names and IP addresses of the hosts they are looking up, and can also help prevent tampering with those mappings in transit.

DNS 43

Name:Wreck DNS Bugs Put IoT Devices At Risk

Heimadal Security

Security experts from Forescout and JSOF have discovered a new set of DNS vulnerabilities that could impact more than 100 million IoT devices used by consumers and organizations. The post Name:Wreck DNS Bugs Put IoT Devices At Risk appeared first on Heimdal Security Blog.

DNS 87

Into the Rabbit Hole – Offensive DNS Tunneling Rootkits

Doctor Chaos

In this blog, we will discuss one of them which is DNS tunneling and how it works. We will look at well-known DNS tunneling attack rootkits and how to configure them to test the security and detection capabilities in your environment. What is DNS? How DNS Tunneling Attacks Work.

DNS 130

DNS Observatory Offers Researchers New Insight into Global DNS Activity

Dark Reading

Among its early findings, 60% of the DNS transactions captured were handled by just 1,000 name servers

DNS 82

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

” The DNS part of that moniker refers to the global “ D omain N ame S ystem ,” which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage. Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. PASSIVE DNS. The U.S.

DNS 200

Microsoft outage caused by overloaded Azure DNS servers

Bleeping Computer

Microsoft has revealed that Thursday's worldwide outage was caused by a code defect that allowed the Azure DNS service to become overwhelmed and not respond to DNS queries. [.].

DNS 114

Flaws in the BIND software expose DNS servers to attacks

Security Affairs

The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE flaws. The post Flaws in the BIND software expose DNS servers to attacks appeared first on Security Affairs.

DNS 110