article thumbnail

Morphing Meerkat phishing kits exploit DNS MX records

Security Affairs

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Threat actors are exploiting DNS techniques to enhance phishing attacks, using MX records to dynamically serve spoofed login pages. .” By July 2023 kits could dynamically load phishing pages based on DNS MX records.

DNS 84
article thumbnail

RSAC Fireside Chat: ‘Protective DNS’ directs smart audits, automated remediation to IP addresses

The Last Watchdog

Related: DNS — the good, bad and ugly Without DNS the World Wide Web never would never have advanced as far and wide as it has. However, due to its intrinsic openness and anonymity DNS has also become engrained as the primary communications mechanism used by cyber criminals and cyber warfare combatants.

DNS 207
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

“KeyTrap” (CVE-2023-50387) Flaw Leaves DNS Systems Vulnerable, PoC Published

Penetration Testing

A proof-of-concept (PoC) was disclosed for a severe design flaw (CVE-2023-50387) in Domain Name System Security Extensions (DNSSEC), leaving DNS infrastructures vulnerable to widespread denial-of-service (DoS) attacks.

DNS 136
article thumbnail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

Rumors of a cracked version of Acunetix being used by attackers surfaced in June 2023 on Twitter/X , when researchers first posited a connection between observed scanning activity and Araneida. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking 229
article thumbnail

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide. ” concludes the report.

DNS 140
article thumbnail

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

The Hacker News

Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023.

DNS 139
article thumbnail

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Penetration Testing

This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS 145