DNS - Cyber Security Informer

MasterCard DNS Error Went Unnoticed for Years

Krebs on Security

JANUARY 22, 2025

A DNS lookup on the domain az.mastercard.com on Jan. MasterCard.com relies on five shared Domain Name System (DNS) servers at the Internet infrastructure provider Akamai [DNS acts as a kind of Internet phone book, by translating website names to numeric Internet addresses that are easier for computers to manage].

DNS

DNS Internet Internet Risk

Oblivious DNS-over-HTTPS

Schneier on Security

DECEMBER 8, 2020

This new protocol , called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Slashdot thread.

DNS

DNS Encryption Internet Internet

Zero-Trust DNS

Schneier on Security

MAY 16, 2024

Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices.

DNS

DNS Firewall Engineering Network Security

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS

DNS Malware Firmware Authentication

Firefox Enables DNS over HTTPS

Schneier on Security

FEBRUARY 25, 2020

This is good news : Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send a user to a malicious site. [.].

DNS

DNS Internet Internet Encryption

New DNS Hijacking Attacks

Schneier on Security

APRIL 18, 2019

DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations.

DNS

DNS Internet Internet Risk

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

” The DNS part of that moniker refers to the global “ D omain N ame S ystem ,” which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage. PASSIVE DNS.

DNS

DNS Internet Internet Government

Increasing Awareness of DNS Hijacking: A Growing Cyber Threat

Tech Republic Security

NOVEMBER 6, 2024

DNS hijacking is a growing threat that can redirect users to malicious sites. However, using passive DNS monitoring can help to protect data.

DNS

DNS Cyber threats

DNS Security

Adam Shostack

JANUARY 2, 2025

They asked us to look at the value of DNS security, such as when your DNS provider uses threat intel to block malicious sites. Just point to a DNS server like 9.9.9.9). The report is available from GCA's site: Learn About How DNS Security Can Mitigate One-Third of Cyber Incidents

DNS

Multi-cloud Strategies Making DDI and DNS Cumbersome to Manage

Tech Republic Security

OCTOBER 7, 2024

DNS and IP address management is getting harder as multi-cloud strategies take over in Australia and the APAC region.

DNS

Keep Web Traffic Streamlined and Safe With This $29.99 DNS

Tech Republic Security

NOVEMBER 27, 2023

With AdGuard DNS, you can block ads, customize parental controls and keep tabs on DNS requests coming in or out — all for the lowest price on the web.

DNS

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide. ” concludes the report.

DNS

DNS Firewall DDOS Hacking

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Penetration Testing

MAY 23, 2024

This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS

DNS DDOS Internet Internet

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

JULY 31, 2024

Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-friendly website names (example.com) into numeric Internet addresses. And the bulk of these are at a handful of DNS providers.”

DNS

DNS Internet Internet Phishing

Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices

Security Affairs

NOVEMBER 14, 2024

The vulnerability CVE-2024-10914 is a command injection issue that impacts D-Link DNS-320 , DNS-320LW, DNS-325 and DNS-340L up to 20241028. “A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. cmd=cgi_user_add.

DNS

DNS Internet Internet Hacking

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

MARCH 11, 2022

John Todd is general manager of Quad9 , a free “anycast” DNS platform. DNS stands for Domain Name System, which is like a globally distributed phone book for the Internet that maps human-friendly website names (example.com) to numeric Internet addresses (8.8.4.4.) that are easier for computers to manage.

DNS

DNS Internet Internet Phishing

Palo Alto Networks fixed a high-severity PAN-OS flaw

Security Affairs

DECEMBER 27, 2024

“A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. The vulnerability can be exploited only if DNS Security logging is enabled. h8, 10.2.10-h12,

DNS

DNS Firewall Spyware Software

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

Krebs on Security

SEPTEMBER 16, 2021

In such assaults, the perpetrators leverage unmanaged Domain Name Servers (DNS) or other devices on the Web to create huge traffic floods. Ideally, DNS servers only provide services to machines within a trusted domain — such as translating an Internet address from a series of numbers into a domain name, like example.com.

DDOS

DDOS DNS Internet Internet

RSAC Fireside Chat: Rich threat intel, specialized graph database fuel HYAS’ Protective DNS

The Last Watchdog

MAY 29, 2024

Related: Selecting a Protective DNS One smart way to do this is by keeping an eagle eye out for rogue command and control (C2) server communications. And this beaconing must intersect with the Domain Name System (DNS.) DNS security and the overall Protective DNS space is rising in importance.

DNS

DNS Cyber Insurance Insurance Internet

Cloudflare’s 1.1.1.1 DNS Service Disrupted by BGP Hijacking and Route Leak

Penetration Testing

JULY 5, 2024

public DNS resolver service experienced disruptions, leaving a small percentage of users worldwide unable to access the service or facing significant latency issues. DNS Service Disrupted by BGP Hijacking and Route Leak appeared first on Cybersecurity News. On June 27, 2024, Cloudflare’s popular 1.1.1.1

DNS

DNS Cybersecurity

Apple Will Offer Onion Routing for iCloud/Safari Users

Schneier on Security

JUNE 22, 2021

Those are your IP address (who and exactly where you are) and your DNS request (the address of the website you want, in numeric form). Once the two pieces of information are split, Private Relay encrypts your DNS request and sends both the IP address and now-encrypted DNS request to an Apple proxy server.

DNS

DNS Encryption

How to Prevent DNS Attacks: DNS Security Best Practices

eSecurity Planet

DECEMBER 8, 2023

Domain name service (DNS) attacks threaten every internet connection because they can deny, intercept, and hijack connections. With the internet playing an increasing role in business, securing DNS plays a critical role in both operations and security. Everything You Need to Know.

DNS

DNS DDOS Firewall Architecture

BIND updates fix four high-severity DoS bugs in the DNS software suite

Security Affairs

JULY 26, 2024

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. An attacker can exploit these vulnerabilities to disrupt DNS services. ISC addressed four high-severity vulnerabilities (CVSS score of 7.5) In BIND 9 versions 9.18.1 through 9.18.27, 9.19.0

DNS

DNS Software Internet Internet

China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale

The Hacker News

APRIL 29, 2024

A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019.

DNS

DNS Internet Internet Cyber threats

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

SecureList

JANUARY 19, 2023

Kaspersky has been investigating the actor’s activity throughout 2022, and we observed a DNS changer function used for getting into Wi-Fi routers and undertaking DNS hijacking. At that time, the criminals compromised Wi-Fi routers for use in DNS hijacking, which is a very effective technique. Agent.eq (a.k.a

DNS

DNS Mobile Malware Accountability

Hackers use DNS tunneling for network scanning, tracking victims

Bleeping Computer

MAY 13, 2024

Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. [.]

DNS

DNS Phishing

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

The Hacker News

JUNE 11, 2024

Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023.

DNS

DNS Education Government Cybersecurity

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

The Hacker News

MARCH 5, 2024

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds.

DNS

DNS Scams Banking Accountability

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

The Hacker News

DECEMBER 11, 2024

Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. Zloader 2.9.4.0

DNS

DNS Malware Cybersecurity

Crooks Continue to Exploit GoDaddy Hole

Krebs on Security

FEBRUARY 4, 2019

Spammy Bear targeted dormant but otherwise legitimate domains that had one thing in common: They all at one time used GoDaddy’s hosted Domain Name System (DNS) service. The domains documented by MyOnlineSecurity all had their DNS records altered between Jan. 31 and Feb. 22 report on the GoDaddy weakness. Image: Farsight Security.

DNS

DNS Ransomware Accountability Internet

ExpressVPN bug has been leaking some DNS requests for years

Bleeping Computer

FEBRUARY 11, 2024

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. [.]

DNS

DNS Software

Chinese hackers use DNS-over-HTTPS for Linux malware communication

Bleeping Computer

JUNE 14, 2023

The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers' servers. [.]

DNS

DNS Malware

Android bug can leak DNS traffic with VPN kill switch enabled

Bleeping Computer

MAY 3, 2024

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [.]

DNS

DNS VPN

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2024

The getresetstatus vulnerability in CyberPanel (before commit 1c0c6cb ) affects dns/views.py “getresetstatus in dns/views.py “getresetstatus in dns/views.py and ftp/views.py. Attackers can manipulate the statusfile property with shell metacharacters. and ftp/views.py ” reads the advisory. . and ftp/views.py

DNS

DNS Authentication Ransomware Hacking

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

Your Web browser knows how to find a Web site name like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage. ” SAY WHAT? 13, 2018 bomb threat hoax.

DNS

DNS Internet Internet Computers and Electronics

Delivering trust with DNS security

We Live Security

DECEMBER 13, 2023

TELCOs and ISPs, by exploring DNS protection in league with security vendors, can enable rapid deployment of more robust security measures where needed in an age of rapidly expanding online threats.

DNS

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

The Hacker News

JUNE 16, 2023

The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities.

DNS

DNS Technology Malware Cybersecurity

ExpressVPN leaked DNS requests due to a bug in the split tunneling feature

Security Affairs

FEBRUARY 12, 2024

ExpressVPN addressed a bug in the split tunneling feature that exposed the domains visited by the users to configured DNS servers. The expert noticed that the DNS queries were sent to the DNS server configured on the computer. Anyway, disabling the split tunneling feature will prevent the leak of the DNS requests.

DNS

DNS VPN Encryption Internet

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

MARCH 9, 2021

For the second month in a row, Microsoft has patched scary flaws in the DNS servers on Windows Server 2008 through 2019 versions that could be used to remotely install software of the attacker’s choice. All five of the DNS bugs quashed in today’s patch batch earned a CVSS Score (danger metric) of 9.8 — almost as bad as it gets.

DNS

DNS Internet Internet Software

DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning

Security Boulevard

MARCH 21, 2025

Permalink The post DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning appeared first on Security Boulevard. Originating from the conferences events located at the Las Vegas Convention Center ; and via the organizations YouTube channel.

DNS

DNS Education Cybersecurity

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software

The Hacker News

JULY 24, 2024

The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. "A

DNS

DNS Software Cyber threats Internet

“KeyTrap” (CVE-2023-50387) Flaw Leaves DNS Systems Vulnerable, PoC Published

Penetration Testing

FEBRUARY 19, 2024

A proof-of-concept (PoC) was disclosed for a severe design flaw (CVE-2023-50387) in Domain Name System Security Extensions (DNSSEC), leaving DNS infrastructures vulnerable to widespread denial-of-service (DoS) attacks.

DNS

DNS Penetration Testing

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

According to DomainTools.com , the organization that registered this domain is called “ apkdownloadweb ,” is based in Rajshahi, Bangladesh, and uses the DNS servers of a Web hosting company in Bangladesh called webhostbd[.]net. net for DNS. net DNS servers). xyz and onlinestreaming[.]xyz. Livestreamnow[.]xyz

Scams

Scams DNS Internet Internet

MindsDB Fixes Critical CVE-2024-24759: DNS Rebinding Attack Bypasses Security Protections

Penetration Testing

SEPTEMBER 7, 2024

The... The post MindsDB Fixes Critical CVE-2024-24759: DNS Rebinding Attack Bypasses Security Protections appeared first on Cybersecurity News.

DNS

DNS Cybersecurity

MasterCard DNS Error Went Unnoticed for Years

Oblivious DNS-over-HTTPS

Trending Sources

Zero-Trust DNS

MikroTik botnet relies on DNS misconfiguration to spread malware

Firefox Enables DNS over HTTPS

New DNS Hijacking Attacks

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Increasing Awareness of DNS Hijacking: A Growing Cyber Threat

DNS Security

Multi-cloud Strategies Making DDI and DNS Cumbersome to Manage

Keep Web Traffic Streamlined and Safe With This $29.99 DNS

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Don’t Let Your Domain Name Become a “Sitting Duck”

Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices

Report: Recent 10x Increase in Cyberattacks on Ukraine

Palo Alto Networks fixed a high-severity PAN-OS flaw

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

RSAC Fireside Chat: Rich threat intel, specialized graph database fuel HYAS’ Protective DNS

Cloudflare’s 1.1.1.1 DNS Service Disrupted by BGP Hijacking and Route Leak

Apple Will Offer Onion Routing for iCloud/Safari Users

How to Prevent DNS Attacks: DNS Security Best Practices

BIND updates fix four high-severity DoS bugs in the DNS software suite

China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

Hackers use DNS tunneling for network scanning, tracking victims

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Crooks Continue to Exploit GoDaddy Hole

ExpressVPN bug has been leaking some DNS requests for years

Chinese hackers use DNS-over-HTTPS for Linux malware communication

Android bug can leak DNS traffic with VPN kill switch enabled

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Delivering trust with DNS security

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

ExpressVPN leaked DNS requests due to a bug in the split tunneling feature

Microsoft Patch Tuesday, March 2021 Edition

DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software

“KeyTrap” (CVE-2023-50387) Flaw Leaves DNS Systems Vulnerable, PoC Published

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

MindsDB Fixes Critical CVE-2024-24759: DNS Rebinding Attack Bypasses Security Protections

Stay Connected