Security News > 2020 > May > NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks.
The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.
It has been confirmed to impact DNS software such as NLnet Labs's Unbound, BIND, Knot Resolver and PowerDNS, as well as DNS services provided by Google, Microsoft, Cloudflare, Amazon, Oracle, Verisign, IBM Quad9, and ICANN. The affected organizations have patched their software and servers to prevent exploitation.
DNS amplification attacks are DDoS attacks where the attacker exploits vulnerabilities in DNS servers to turn small queries into larger payloads that can disrupt the targeted server.
The attacker's server delegates to fake server names pointing to the victim's DNS domain, causing the resolver to generate queries towards the victim's DNS server.
News URL
Related news
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)