Heimadal Security

NOVEMBER 14, 2022

DNS logging is the process of gathering detailed data on DNS traffic (all DNS information that is sent and received by the DNS server), usually to help network administrators resolve DNS errors or, especially in cybersecurity, quickly identify and mitigate threat actors’ attempts to attack the DNS infrastructure.

DNS 98

DNS Cybersecurity 98

eSecurity Planet

NOVEMBER 10, 2023

DNS security protects the domain name system (DNS) from attackers seeking to reroute traffic to malicious sites. Since a majority of business IT traffic now accesses or passes through the internet, DNS plays an increasingly important — and vulnerable — role. in the DNS cache for more efficient delivery of information to users.

DNS 111

DNS DDOS Encryption Authentication 111

Heimadal Security

MAY 28, 2021

The Domain Name System (DNS), with its quirks, kinks, and compulsion to create unnecessarily long acronyms is a world of its own (design). At this point, any DNS treatise, article, paper, or cheat-sheet, makes Encyclopedia Britannica’s letter “A” volume look like a “quit smoking” leaflet.

DNS 116

DNS Cybersecurity 116

CSO Magazine

MARCH 14, 2023

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai.

DNS 128

DNS Malware Ransomware 128

Heimadal Security

AUGUST 8, 2022

The DNS is an essential concept in the online world, and its operations empower users all around the world to access billions of websites every day. But what is DNS? And, perhaps more importantly, how does DNS work? In this article, you will learn the definition of the DNS and how the servers involved in […].

DNS 105

DNS 105

Schneier on Security

JUNE 30, 2022

Its ability to enumerate all devices connected to an infected router and collect the DNS lookups and network traffic they send and receive and remain undetected is the hallmark of a highly sophisticated threat actor. More details in the article.

Malware 245

Malware DNS Architecture Hacking 245

Troy Hunt

JULY 19, 2018

Do get these right per the Microsoft article above, it'll ensure production traffic is hitting production storage accounts and other services you want handled separately between that environment and the staging one. Onto the next piece and per the title, it's going to involve DNS rollover.

DNS 143

DNS Passwords Firewall Authentication 143

CSO Magazine

APRIL 13, 2023

Domain name system (DNS) tunneling is a pervasive threat that enables hackers to get any data in and out of a company's internal network while bypassing most firewalls. But DNS tunneling essentially smuggles hostile traffic through DNS ports, which makes these attacks difficult to detect and mitigate.

DNS 83

DNS Risk Firewall Internet 83

The State of Security

MARCH 31, 2022

While there were plenty of interesting topics taught, one that caught my attention was Out-of-Band (OOB) Data Exfiltration using DNS. The post Out of Band (OOB) Data Exfiltration via DNS appeared first on The State of Security. Back in 2018, NotSoSecure published an Out of Band Exploitation (OOB) CheatSheet.

DNS 93

DNS Hacking 93

PerezBox Security

NOVEMBER 4, 2018

If you’re reading this article you’ve interacted with DNS. In fact, you’d be hard pressed to spend any time online and not interact with DNS. The post A Primer on DNS and Security appeared first on PerezBox. Many of us spend very.

DNS 73

DNS Technology Information Security 73

CSO Magazine

APRIL 19, 2023

The Domain Name System (DNS) is often referred to as the phone book of the internet. DNS translates web addresses, which people use, into IP addresses, which machines use. But DNS was not designed with security in mind. This has only worsened with the adoption of encrypted DNS, known as DNS-over-HTTPS (DoH).

DNS 70

DNS Encryption Internet Internet 70

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

CyberSecurity Insiders

APRIL 1, 2022

As CIOs and CTOs are getting extremely worried about distributed denial of service attacks (DDoS), here’s a brief article that can help to enlighten their mind on protecting their corporate networks, without the need of any professional help. Running a DDoS Testing- It is essential, although it is a 3 hour effort to conduct.

DDOS 135

DDOS DNS Education Risk 135

SecureWorld News

JANUARY 13, 2025

Networking Basics: Understanding protocols like TCP/IP, DNS, and DHCP is critical. This article originally appeared on LinkedIn here. And don't overlook risk managementit's all about spotting potential threats and figuring out how to handle them before they become a problem. The result? Your talent stack is your superpower.

Cybersecurity 105

Cybersecurity DNS Threat Detection Software 105

Security Affairs

NOVEMBER 10, 2024

” reads the article published by the Wall Street Journal. “Do In August, Volexity researchers reported that a China-linked APT group, tracked as StormBamboo (aka Evasive Panda , Daggerfly , and StormCloud), successfully compromised an undisclosed internet service provider (ISP) in order to poison DNS responses for target organizations.

Hacking 129

Hacking Internet Internet Government 129

Malwarebytes

MAY 4, 2022

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. Similar to other C standard libraries, uClibc provides an extensive DNS client interface that allows programs to readily perform lookups and other DNS-related requests.

IoT 133

IoT DNS Risk Internet 133

PerezBox Security

DECEMBER 24, 2019

On December 18th, DeepInstinct put out a great article outlining the latest Legion Loader campaign. The post Mitigating Web Threats with CleanBrowsing DNS appeared first on PerezBox. Whether a parent, or organization, this served as a great example to demonstrate the effectiveness.

DNS 64

DNS Information Security 64

Hacker's King

SEPTEMBER 4, 2024

What if there was a tool that could give you a visual map of your target's entire DNS footprint in seconds? Welcome to DNS Dumpster , your go-to graphical DNS recon and research OSINT tool that combines ease of use with powerful insights. What You’ll Learn in This Article Introduction to DNS Dumpster Why Use DNS Dumpster?

DNS 52

DNS Data collection Cybersecurity Hacking 52

CSO Magazine

AUGUST 25, 2022

The findings are based on DNS data and Akamai’s visibility into carrier and enterprise traffic across different industries and geographies. To read this article in full, please click here This represented a 3% increase compared to Q1 2022, the firm stated, with phishing toolkits playing a key role in malicious domain-related activity.

DNS 69

DNS Phishing Malware Ransomware 69

Adam Shostack

JANUARY 2, 2025

More thoughts about AI and threat modeling Since writing my Dark Reading article , I had some time to continue investigating ChatGPT and threat modeling, and a few notes. That use, as I mention in my Dark Reading article, might lull people into relaxing and not paying close attention. But we might not be. And that seems really bad.

DNS 130

DNS Authentication Software Media 130

CSO Magazine

JANUARY 21, 2022

To camouflage their activity, the researchers noted, the hackers used the DuckDNS dynamic DNS service to change the domain names of the command-and-control hosts used for the campaign, which started distributing variants of Nanocore, Netwire, and AsyncRATs to targets in the United States, Italy and Singapore, starting around October 26.

DNS 131

DNS Malware 131

Security Affairs

DECEMBER 27, 2024

“This article looks at their infected traffic and offers insights into these botnets.” The malware FICORA is a variant of the Mirai malware, it includes DDoS attack capabilities using multiple protocols such as UDP, TCP, and DNS. ” reads the report published by Fortinet.

Architecture 68

Architecture Malware DNS DDOS 68

CSO Magazine

JANUARY 19, 2021

Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Dnsmasq is a lightweight tool that provides DNS caching, DNS forwarding and DHCP (Dynamic Host Configuration Protocol) services.

DNS 104

DNS CSO IoT Software 104

Security Boulevard

MAY 9, 2023

Many articles in the industry and my blog on Deciphering SASE are very clear on the major constituents of SASE. Security functions across these components are […] The post Role of DNS-level security for SASE appeared first on Aryaka. The post Role of DNS-level security for SASE appeared first on Security Boulevard.

DNS 52

DNS Firewall 52

Security Boulevard

JULY 28, 2022

Domain Name System (DNS) records are crucial instructions that help servers handle requests from web clients. There are different types of DNS records; many of which we’ve discussed in our previous blog posts. In this article, we’ll introduce you to DNS NS records or Name Server records and why they’re essential to DNS and the […].

DNS 52

DNS Security Awareness Cybersecurity 52

Daniel Miessler

MAY 8, 2020

This is the most important thing in this article. Change your DNS to 1.1.1.2, Next, you can consider changing your DNS settings on all your devices to use those by Cloudflare. There are security/hacker types that maintain massive repositories of passwords. Change all default passwords to something unique and strong. or 1.1.1.3

Passwords 255

Passwords DNS Accountability IoT 255

eSecurity Planet

JANUARY 6, 2021

This article will touch on TCP/IP stacks’ role in network security, the critical vulnerabilities identified by Forescout, and immediate steps to mitigate AMNESIA:33 attacks. Stack components impacted include DNS, IPv6, IPv4, TCP, ICMP, LLMNR, and mDNS. DNS Cache Poisoning: 2. DNS Cache Poisoning. Devices Impacted.

IoT 141

IoT DNS Internet Internet 141

CSO Magazine

DECEMBER 21, 2021

The JNDI injection can leverage different protocols such as Lightweight Directory Access Protocol (LDAP), Secure LDAP (LDAPS), Remote Method Invocation (RMI), or Domain Name Service (DNS) to request a malicious payload. To read this article in full, please click here

DNS 113

DNS 113

Security Boulevard

JULY 13, 2022

Among the types of DNS records available, TXT records are widely used among administrators. In this article, we’ll look into what a TXT record is and how you can create it. We’ll also show you its format and how to add a TXT record to DNS. What is a DNS TXT Record? […]. Let’s get started! appeared first on EasyDMARC.

DNS 52

DNS Security Awareness Cybersecurity 52

Security Boulevard

MARCH 31, 2022

While there were plenty of interesting topics taught, one that caught my attention was Out-of-Band (OOB) Data Exfiltration using DNS. The post Out of Band (OOB) Data Exfiltration via DNS appeared first on The State of Security. The post Out of Band (OOB) Data Exfiltration via DNS appeared first on Security Boulevard.

DNS 52

DNS Hacking 52

Security Affairs

JANUARY 19, 2025

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 68

Spyware Data breaches DNS Artificial Intelligence 68

CSO Magazine

NOVEMBER 1, 2022

Punycode is a system for representing Unicode characters as ASCII and is used for example to represent internationalized domain names in the DNS system. To read this article in full, please click here In OpenSSL the vulnerable code is used for processing email address name constraints in X.509

DNS 119

DNS 119

CSO Magazine

APRIL 26, 2023

The malware uses DNS queries to receive commands from attackers encoded into IP addresses. To read this article in full, please click here

Malware 107

Malware DNS Government 107

Cisco Security

JUNE 13, 2022

This article is part of a series in which we will explore several features, principles, and the building blocks of a security detection engine within an extended detection and response (XDR) solution. The third line informs us that, on a factual basis, only a communication with an IP address was observed.

DNS 144

DNS Engineering Authentication Malware 144

CSO Magazine

JUNE 9, 2022

Network telemetry can be used to detect anomalous DNS requests and security tools such as AVs and EDRs should be statically linked to ensure they are not “infected” by userland rootkits." To read this article in full, please click here "Since the malware operates as a userland level rootkit, detecting an infection may be difficult.

DNS 104

DNS Malware 104

Cisco Security

MARCH 16, 2021

In this blog I’ll describe two recent privacy advances—DNS over HTTPS (DoH) and QUIC—and what we’re doing to maintain visibility. Keeping your destination private: DNS over HTTPS. When you type “example.com” in your browser, the request goes to a DNS server that matches the URL to an IP address. I welcome your comments.

Encryption 102

Encryption DNS Threat Detection Internet 102

SecureList

MARCH 10, 2021

This article analyzes only fake AdShield app, but all the other cases follow the same scenario. After the user starts the program, it changes the DNS settings on the device so that all domains are resolved through the attackers’ servers, which, in turn, prevent users from accessing certain antivirus sites, such as Malwarebytes.com.

DNS 145

DNS Antivirus Malware Encryption 145