For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries.
That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. The bad news is that this level of seamlessness makes it easier for threat actors and criminals to steal sensitive information and compromise computer hardware and networks with malware.
The latest news on DNS vulnerabilities shines the spotlight on nine newly discovered vulnerabilities that put more than 100 million IoT devices in jeopardy. These DNS vulnerabilities, dubbed “NAME:WRECK DNS,” threaten IoT users with Denial of Service (DoS) and Remote Code Execution attacks that let cybercriminals assume control over targeted IoT systems.
Read more…
Source: Tripwire