CSO and DNS - Cyber Security Informer

DNS over HTTPS, DNS over TLS explained: Encrypting DNS traffic

CSO Magazine

MARCH 29, 2021

Being the backbone of the internet, the Domain Name System (DNS) protocol has undergone a series of improvements and enhancements over the past few years.

DNS

DNS Encryption Internet Internet

DNS data shows one in 10 organizations have malware traffic on their networks

CSO Magazine

MARCH 14, 2023

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai.

DNS

DNS Malware Ransomware

4 strategies to help reduce the risk of DNS tunneling

CSO Magazine

APRIL 13, 2023

Domain name system (DNS) tunneling is a pervasive threat that enables hackers to get any data in and out of a company's internal network while bypassing most firewalls. But DNS tunneling essentially smuggles hostile traffic through DNS ports, which makes these attacks difficult to detect and mitigate.

DNS

DNS Risk Firewall Internet

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

CSO Magazine

JANUARY 19, 2021

Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

DNS

DNS CSO IoT Software

BrandPost: The status quo for DNS security isn’t working

CSO Magazine

APRIL 19, 2023

The Domain Name System (DNS) is often referred to as the phone book of the internet. DNS translates web addresses, which people use, into IP addresses, which machines use. But DNS was not designed with security in mind. This has only worsened with the adoption of encrypted DNS, known as DNS-over-HTTPS (DoH).

DNS

DNS Encryption Internet Internet

DNS data indicates increased malicious domain activity, phishing toolkit reuse

CSO Magazine

AUGUST 25, 2022

The findings are based on DNS data and Akamai’s visibility into carrier and enterprise traffic across different industries and geographies. This represented a 3% increase compared to Q1 2022, the firm stated, with phishing toolkits playing a key role in malicious domain-related activity.

DNS

DNS Phishing Malware Ransomware

Attackers use public cloud providers to spread RATs

CSO Magazine

JANUARY 21, 2022

To camouflage their activity, the researchers noted, the hackers used the DuckDNS dynamic DNS service to change the domain names of the command-and-control hosts used for the campaign, which started distributing variants of Nanocore, Netwire, and AsyncRATs to targets in the United States, Italy and Singapore, starting around October 26.

DNS

DNS Malware

BrandPost: Detect and Remediate the Exploitation of the Log4j Vulnerability

CSO Magazine

DECEMBER 21, 2021

The JNDI injection can leverage different protocols such as Lightweight Directory Access Protocol (LDAP), Secure LDAP (LDAPS), Remote Method Invocation (RMI), or Domain Name Service (DNS) to request a malicious payload. To read this article in full, please click here

DNS

OpenSSL project patches two vulnerabilities but downgrades severity

CSO Magazine

NOVEMBER 1, 2022

Punycode is a system for representing Unicode characters as ASCII and is used for example to represent internationalized domain names in the DNS system. The two vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602, are buffer overflow conditions in the punycode decoding functionality that was first introduced in OpenSSL 3.0.0

DNS

Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers

CSO Magazine

APRIL 26, 2023

The malware uses DNS queries to receive commands from attackers encoded into IP addresses. A cyberespionage group believed to be associated with the Iranian government has been infecting Microsoft Exchange Servers with a new malware implant dubbed BellaCiao that acts as a dropper for additional payloads.

Malware

Malware DNS Government

Hackers using stealthy Linux backdoor Symbiote to steal credentials

CSO Magazine

JUNE 9, 2022

Network telemetry can be used to detect anomalous DNS requests and security tools such as AVs and EDRs should be statically linked to ensure they are not “infected” by userland rootkits." "Symbiote is a malware that is highly evasive," researchers from BlackBerry said in a new report. To read this article in full, please click here

DNS

DNS Malware

Global 2000 companies failing to adopt key domain security measures

CSO Magazine

NOVEMBER 15, 2022

The enterprise-class domain registrar and Domain Name System (DNS) threats mitigator found that 75% of Global 2000s have implemented fewer than half of all domain security measures with Domain-based Message Authentication, Reporting, and Conformance (DMARC) , the only domain security measure with significantly increased adoption since 2020.

DNS

DNS Phishing Authentication Risk

BrandPost: Today’s New Business Normal Creates Threat Opportunities

CSO Magazine

SEPTEMBER 2, 2021

Moreover, widespread reliance on video conferencing apps forced many businesses to upgrade enterprise wide-area network and local-area network capacity, as well as to reevaluate routing and DNS resolution paths within the network.

DNS

DNS VPN Software

BrandPost: 5 Often-Overlooked Log Sources

CSO Magazine

FEBRUARY 23, 2021

Common logs from servers and firewalls are fairly easily ingested and parsed, while DNS or physical security logs are much tougher to manage at scale, and block visibility into the security environment. All logs are not created equal.

DNS

DNS Firewall

BrandPost: Understanding DoH Challenges: A Necessary Step in Improving Network Privacy & Security

CSO Magazine

JUNE 14, 2021

DNS, or Domain Name System, was created to provide a better way, one in which users could type in a friendly host name rather than an IP. DNS not only met this need but has also scaled incredibly well — now supporting over 330 million domains. In considering what DNS provides, the flaws in privacy become very apparent.

DNS

DNS IoT Internet Internet

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

JUNE 21, 2022

My advice for anybody that asks me which certifications they should get is this: find a certification in a subject that you wish to learn about,” Palo Alto Networks CSO Rick Howard said. “If If you are going to study the subject anyway, you might as well get a certification out of it.”. Also read: How to Get Started in a Cybersecurity Career.

Cybersecurity

Cybersecurity Penetration Testing System Administration Cyber Attacks

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

DNS over HTTPS is a sensitive info grab by whomever Web browsers partner with, yet it's sold as a "privacy enhancement." " Instead of keeping DNS for most consumers at their ISP, the DoH providers now seize a Web usage goldmine. The majority will not change their browser defaults.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Informer

DNS over HTTPS, DNS over TLS explained: Encrypting DNS traffic

DNS data shows one in 10 organizations have malware traffic on their networks

Trending Sources

4 strategies to help reduce the risk of DNS tunneling

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

BrandPost: The status quo for DNS security isn’t working

DNS data indicates increased malicious domain activity, phishing toolkit reuse

Attackers use public cloud providers to spread RATs

BrandPost: Detect and Remediate the Exploitation of the Log4j Vulnerability

OpenSSL project patches two vulnerabilities but downgrades severity

Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers

Hackers using stealthy Linux backdoor Symbiote to steal credentials

Global 2000 companies failing to adopt key domain security measures

BrandPost: Today’s New Business Normal Creates Threat Opportunities

BrandPost: 5 Often-Overlooked Log Sources

BrandPost: Understanding DoH Challenges: A Necessary Step in Improving Network Privacy & Security

15 Top Cybersecurity Certifications for 2022

Top Cybersecurity Accounts to Follow on Twitter

Stay Connected