article thumbnail

Sea Turtle Hackers Spy on Dutch ISPs and Telecommunication Companies

Heimadal Security

Sea Turtle Turkish state-backed group changed to focus on internet service providers (ISPs), telcos, media, and Kurdish websites. DNS hijacking and traffic redirection that leads to man-in-the-middle attacks are among their cyber espionage techniques.

article thumbnail

Why You Need a Secondary DNS

Security Boulevard

Last month, a large Canadian telecommunications provider suffered a catastrophic outage for more than 18 hours. Many Canadians found themselves disconnected when cellular networks and the internet failed to respond—at home or at work. The post Why You Need a Secondary DNS appeared first on Security Boulevard.

DNS 93
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS 260
article thumbnail

DHS issues emergency Directive to prevent DNS hijacking attacks

Security Affairs

DHS has issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e.gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”.

DNS 87
article thumbnail

Sunburst: connecting the dots in the DNS requests

SecureList

For instance, before making the first internet connection to its C2s, the Sunburst malware lies dormant for a long period, of up to two weeks, which prevents an easy detection of this behavior in sandboxes. In the initial phases, the Sunburst malware talks to the C&C server by sending encoded DNS requests. Low-level details.

DNS 75
article thumbnail

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

Russia successfully disconnected from the internet. Russia’s government announced that it has successfully concluded a series of tests for its RuNet intranet aimed at country disconnection from the Internet. One of them is checking the integrity and security of the Internet as a result of external negative influences.”

article thumbnail

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. Our findings show that both Telenor and MPT block websites using DNS tampering. Circumvention of Internet blocking.