Chinese hackers compromised an ISP to deliver malicious software updates
APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have …
BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
BIND (Berkeley Internet Name Domain) is an open-source DNS software system with an authoritative server, a recursive resolver, and related utilities. BIND 9.20, a stable …
PolarDNS: Open-source DNS server tailored for security evaluations
PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with …
The 3 key stages of ransomware attacks and useful indicators of compromise
For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary …
Reinforcing cybersecurity: The network’s role to prevent, detect, and respond to attacks
It’s always DNS. That’s what the famous internet meme popular among sysadmins says anyway. It’s funny because while clearly, every network issue doesn’t resolve to some funky …
DIY attack surface management: Simple, cost-effective and actionable perimeter insights
Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being …
Avoiding domain security risks when taking your business online
Unfortunately, as available domain extensions increase in variety (and uniqueness), so do security risks. In this Help Net Security video, Prudence Malinki, Head of Industry …
DNS abuse: Advice for incident responders
What DNS abuse techniques are employed by cyber adversaries and which organizations can help incident responders and security teams detect, mitigate and prevent them? The DNS …
How to get cloud migration right
If you want to get cloud migration right, you must deal with an inconvenient truth: Cloud or hybrid cloud environments lower the drawbridge between your data center and the …
Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by …
Malicious DNS traffic targets corporate and personal devices
Akamai’s security research team examined potentially compromised devices, discovering that 12.3% communicated with domains associated with malware or ransomware during Q2 …
The impact of DNS attacks on global organizations
Often we see stories about cyber attacks that breached an organisations’ security parameters, and advice on how we can protect against future threats. However, what is often …
Featured news
Sponsored
Don't miss
- 100+ domains seized to stymie Russian Star Blizzard hackers
- October 2024 Patch Tuesday forecast: Recall can be recalled
- Best practices for implementing threat exposure management, reducing cyber risk exposure
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
- CUPS vulnerabilities could be abused for DDoS attacks