News • Insights • Analysis
Visitors attempting to reach some sites received DNS errors, meaning their requests could not reach the websites. Affected services included Airbnb, UPS, HSBC bank, British Airways and the PlayStation network used for online games. One popular DNS provider, Akamai, reported Read More …
For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System (DNS) protocol does a good job of seamlessly Read More …
Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web Read More …
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. Collectively referred to as NAME: WRECK, the flaws could be leveraged to take Read More …
Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. Dnsmasq is a popular and open-source Read More …
The National Security Agency released a cybersecurity product, “Adopting Encrypted DNS in Enterprise Environments,” Thursday explaining the benefits and risks of adopting the encrypted domain name system (DNS) protocol, DNS over HTTPs (DoH), in enterprise environments. The release provides solutions Read More …
Every now and then, a new domain name system (DNS) vulnerability that puts billions of devices around the world at risk is discovered. DNS vulnerabilities are usually critical. Just imagine that you browse to your bank account website, but instead Read More …
An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Speaking in a webinar last week, Vincente Diaz, a malware analyst for antivirus maker Kaspersky, said Read More …
In July 2020, Microsoft released a security update, CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability, for a new remote code execution (RCE) vulnerability. This vulnerability exists within the Microsoft Windows Domain Name System (DNS) Server due to the Read More …
A critical Microsoft Windows Server bug opens company networks to hackers, allowing them to potentially seize control of IT infrastructures. Microsoft issued a patch for the bug on Tuesday as part of its July Patch Tuesday roundup. It turns out Read More …
