Review: DNS Security
About the authors Allan Liska is a Consulting Systems Engineer at FireEye, and Geoffrey Stowe is an Engineering Lead at Palantir Technologies. Inside DNS Security: Defending …
Malvertising campaign compromises routers instead of computers
The DNSChanger exploit kit is back and more effective than ever, and is being used in a widespread malvertising attack whose goal is to compromise small/home office routers. …
Dyn DDoS attack post-mortem: Users inadvertently helped
As StarHub, one of the three major telcos in Singapore, confirmed that they were the latest victim of “intentional and likely malicious distributed denial-of-service …
Dyn DDoS attack: The aftermath
On October 21, New Hampshire-based Internet performance management company Dyn suffered the largest DDoS attack ever to be registered. The attacks – there were three, in …
Major US DNS provider hit with DDoS, part of the Internet becomes unreachable
US-based DNS provider Dyn has suffered a massive DDoS attack earlier today, and it resulted in many websites being completely or intermittently inaccessible for a few hours. …
Why DNS shouldn’t be used for data transport
Malicious DNS tunnelling is a big problem in cybersecurity. The technique involves the use of the Domain Name System (DNS) protocol to smuggle sensitive corporate or personal …
DNS provider NS1 hit with multi-faceted DDoS attacks
Early last week, DNS and traffic management provider NS1 was hit with a series of DDoS attacks that lasted several days, and managed to impact DNS delivery in the European, …
WPAD name collision bug opens door for MitM attackers
A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to …
.onion officially registered as special-use domain name by the IETF
By publishing the RFC 7686 standard, the Internet Engineering Task Force (IETF) has formally recognized the .onion domain as a special-use domain name. “Over the last …
Attackers are downing DNS servers by exploiting BIND bug
As predicted, the critical and easily exploitable flaw that affects all versions of BIND, the most widely used DNS software on the Internet, has started being exploited by …
Misconfigured DNS servers may leak domain info, warns US-CERT
US-CERT is urging administrators of Domain Name System servers to check whether their machines are misconfigured to respond to global Asynchronous Transfer Full Range (AXFR) …
Mitigations for Spike DDoS toolkit-powered attacks
Akamai Technologies released, through the company’s Prolexic Security Engineering & Response Team (PLXsert), a new cybersecurity threat advisory that alerts …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity