article thumbnail

Oblivious DNS

Schneier on Security

Interesting idea : we present Oblivious DNS (ODNS), which is a new design of the DNS ecosystem that allows current DNS servers to remain unchanged and increases privacy for data in motion and at rest. The authoritative server then forwards the DNS request to the appropriate name server, acting as a recursive resolver.

DNS 33
article thumbnail

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-friendly website names (example.com) into numeric Internet addresses. And the bulk of these are at a handful of DNS providers.”

DNS 324
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Unpatched DNS bug affects millions of routers and IoT devices

Bleeping Computer

A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of devices at DNS poisoning attack risk. [.].

DNS 137
article thumbnail

Threat Trends: DNS Security, Part 1

Cisco Security

After examining topics such as the MITRE ATT&CK framework , LOLBins , and others, this release will look at DNS traffic to malicious sites. We’ll also look at malicious DNS activity—the number of queries malicious sites receive. Organizations and malicious DNS activity. Overview of analysis. Cryptomining.

DNS 144
article thumbnail

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS 145
article thumbnail

DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning

Security Boulevard

Speaker: Jasper Insinger Our sincere appreciation to DEF CON , and the Presenters/Authors for publishing their erudite []DEF CON 32] 2 content. Permalink The post DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning appeared first on Security Boulevard.

DNS 52
article thumbnail

DHS issues emergency Directive to prevent DNS hijacking attacks

Security Affairs

DHS has issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e.gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”.

DNS 111