NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks.
The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.
It has been confirmed to impact DNS software such as NLnet Labs's Unbound, BIND, Knot Resolver and PowerDNS, as well as DNS services provided by Google, Microsoft, Cloudflare, Amazon, Oracle, Verisign, IBM Quad9, and ICANN. The affected organizations have patched their software and servers to prevent exploitation.
DNS amplification attacks are DDoS attacks where the attacker exploits vulnerabilities in DNS servers to turn small queries into larger payloads that can disrupt the targeted server.
The attacker's server delegates to fake server names pointing to the victim's DNS domain, causing the resolver to generate queries towards the victim's DNS server.
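A defender-side check for the delegation pattern described above, added here as an example and not taken from the original article: it scans referral responses seen by a resolver and flags any that list many name server names, without address records, inside a single foreign zone. The record layout, function names, sample data and threshold are all assumptions.

```python
from collections import Counter

# Constructed sample: referrals a resolver received (hypothetical record layout).
# "zone" is the delegated name, "ns" the listed name servers, "glue" the names
# for which the referral also carried address records.
SAMPLE = [
    {"zone": "shop.example",
     "ns": ["ns1.shop.example", "ns2.shop.example"],
     "glue": ["ns1.shop.example", "ns2.shop.example"]},
    {"zone": "sd1.attacker.example",
     "ns": [f"fake{i}.victim.example" for i in range(20)],
     "glue": []},
    {"zone": "cdn.example",
     "ns": ["a.dnshost.example", "b.dnshost.example"],
     "glue": []},
]


def parent_zone(name, labels=2):
    """Naive parent zone: the last `labels` labels of the name.
    Assumption for brevity; production code would use the public suffix list."""
    parts = name.rstrip(".").lower().split(".")
    return ".".join(parts[-labels:])


def suspicious_referrals(referrals, max_glueless=5):
    """Return (delegated_zone, target_zone, count) for every referral that
    would make the resolver look up more than `max_glueless` name server
    names in one zone other than the delegated zone's own parent."""
    findings = []
    for ref in referrals:
        glue = {g.rstrip(".").lower() for g in ref["glue"]}
        own = parent_zone(ref["zone"])
        # Count name servers the resolver would have to resolve itself,
        # grouped by the zone whose DNS servers would receive those queries.
        counts = Counter(
            parent_zone(ns) for ns in ref["ns"]
            if ns.rstrip(".").lower() not in glue
        )
        for zone, n in counts.items():
            if zone != own and n > max_glueless:
                findings.append((ref["zone"], zone, n))
    return findings


if __name__ == "__main__":
    for delegated, target, n in suspicious_referrals(SAMPLE):
        print(f"{delegated}: {n} glueless name servers under {target}")
```

The threshold of 5 is illustrative; tune it against what legitimate delegations look like in your own resolver logs.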