All your DNS were belong to us: AWS and Google Cloud shut down spying vulnerability
This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider.
In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.
"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," explained Tamari in a blog post.
According to Tamari, Amazon and Google have fixed this issue in their respective DNS services, but other DNS service providers may still be vulnerable.
The researchers attribute the vulnerability to the way Microsoft's dynamic DNS algorithm works in Windows.
Tamari said it's up to organizations to configure their DNS resolvers to prevent dynamic DNS updates from leaving their network.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/08/06/aws_google_dns/