Remove DNS Remove Internet Remove Wireless
article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS 279
article thumbnail

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

The author of Mirai used a sledgehammer to kill a fly: the DDoS bombardment was so large that it also wiped out Dyn , a UK-based internet performance vendor. The Spamhaus attacker, for instance, noticed that there were literally millions of domain name system (DNS) resolvers that remained wide open all over the internet.

DDOS 263
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Buys Corp.com

Schneier on Security

A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as " namespace collision ," a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet.

DNS 279
article thumbnail

Microsoft Buys Corp.com So Bad Guys Can’t

Krebs on Security

From February’s piece: At issue is a problem known as “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. Further reading: Mitigating the Risk of DNS Namespace Collisions (PDF).

DNS 358
article thumbnail

ThousandEyes Pi4 Wireless Deployment at Black Hat USA

Cisco Security

A deployment guide for wireless ThousandEyes agents deployed to monitor the Black Hat 2023 conference by Adam Kilgore & Ryan MacLennan ThousandEyes (TE) Black Hat 2023 Deployment Guide This guide documents the setup and installation procedures used to deploy ThousandEyes at Black Hat 2023.

article thumbnail

Some Zyxel devices can be hacked via DNS requests

Security Affairs

Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure flaw via unauthenticated external DNS requests that affect Zyxel devices from the USG, UAG, ATP, VPN and NXC series. Pierluigi Paganini.

DNS 97
article thumbnail

Unfixed vulnerability in popular library puts IoT products at risk

Malwarebytes

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. Similar to other C standard libraries, uClibc provides an extensive DNS client interface that allows programs to readily perform lookups and other DNS-related requests.

IoT 133