Security News > 2021 > August > All your DNS were belong to us: AWS and Google Cloud shut down spying vulnerability
This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider.
In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz, described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.
"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," explained Tamari in a blog post.
According to Tamari, Amazon and Google have fixed this issue in their respective DNS services, but other DNS service providers may still be vulnerable.
The researchers attribute the vulnerability to the way Microsoft's dynamic DNS algorithm works in Windows.
Tamari said it's up to organizations to configure their DNS resolvers to prevent dynamic DNS updates from leaving their network.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/08/06/aws_google_dns/
Related news
- Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI (source)
- Google Cloud Next 2024: New Data Center Chip and Chrome Enterprise Premium Join the Ecosystem (source)
- US Defense Dept received 50,000 vulnerability reports since 2016 (source)
- 96% of US hospital websites share visitor info with Meta, Google, data brokers (source)
- AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs (source)