All your DNS were belong to us: AWS and Google Cloud shut down spying vulnerability
This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider.
In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.
"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," explained Tamari in a blog post.
According to Tamari, Amazon and Google have fixed this issue in their respective DNS services, but other DNS service providers may still be vulnerable.
The researchers attribute the vulnerability to the way Microsoft's dynamic DNS algorithm works in Windows.
Tamari said it's up to organizations to configure their DNS resolvers to prevent dynamic DNS updates from leaving their network.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/08/06/aws_google_dns/