New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web Read More …

NAME:WRECK DNS vulnerabilities affect over 100 million devices

Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. Collectively referred to as NAME: WRECK, the flaws could be leveraged to take Read More …

DNSpooq bugs let attackers hijack DNS on millions of devices

Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. Dnsmasq is a popular and open-source Read More …

NSA Recommends How Enterprises Can Securely Adopt Encrypted DNS

The National Security Agency released a cybersecurity product, “Adopting Encrypted DNS in Enterprise Environments,” Thursday explaining the benefits and risks of adopting the encrypted domain name system (DNS) protocol, DNS over HTTPs (DoH), in enterprise environments. The release provides solutions Read More …

Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)

An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Speaking in a webinar last week, Vincente Diaz, a malware analyst for antivirus maker Kaspersky, said Read More …

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350

In July 2020, Microsoft released a security update, CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability, for a new remote code execution (RCE) vulnerability. This vulnerability exists within the Microsoft Windows Domain Name System (DNS) Server due to the Read More …