Security News > 2020 > May > NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks.
The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.
It has been confirmed to impact DNS software such as NLnet Labs's Unbound, BIND, Knot Resolver and PowerDNS, as well as DNS services provided by Google, Microsoft, Cloudflare, Amazon, Oracle, Verisign, IBM Quad9, and ICANN. The affected organizations have patched their software and servers to prevent exploitation.
DNS amplification attacks are DDoS attacks where the attacker exploits vulnerabilities in DNS servers to turn small queries into larger payloads that can disrupt the targeted server.
The attacker's server delegates to fake server names pointing to the victim's DNS domain, causing the resolver to generate queries towards the victim's DNS server.
News URL
Related news
- DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals (source)
- DDoS attack volume rises, peak power reaches 1.7 Tbps (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Average DDoS attack costs $6,000 per minute (source)
- Versa fixes Director zero-day vulnerability exploited in attacks (source)
- Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)