Security News
Most cloud services keep their DNS cache times, known in the jargon as TTLs or time-to-live entries, pretty small these days in order to help their services adapt more quickly to changes in network load. Hacking your DNS entries is not quite as good a result for the crooks as taking over your actual web server - they won't have your web certificate to authenticate HTTPS traffic, and they'd need to clone a huge amount of your site to make a realistic facsimile - but it's still extremely dangerous, and potentially very damaging for your brand. In the cases tracked by Edwards, it seems that a bunch of crooks have been keeping their eyes on unused Azure server names that still have trusted DNS records referring to them, and reviving those defunct server names to produce believable URLs for scams and malware campaigns.
The link took them to a "Surprisingly believable" phishing page with logos and icons that matched their service provider, and instructed them to enter their WordPress account username and password to start the update. "The scam then shows you some fake but believable progress messages to make you think that a genuine 'site upgrade' has kicked off, including pretending to perform some sort of digital 'file signing' at the end," Sophos's security proselytiser Paul Ducklin explained.
We care about your privacy and the protection of your domains, so we will soon be upgrading them, from basic Domain Name System to Domain Name System Security Extensions. As you probably know, DNS is short for domain name system, and it's the globally distributed database that turns server names that humans can remember, such as nakedsecurity.
Encrypted DNS, as its name suggests, encrypts those queries to shield them from snoops and meddlers. A year later, a research paper presented at a Usenix conference underscored the need for better security when it reported that about 8.5 per cent of DNS queries were intercepted by service providers.
Comcast has agreed to be the first home broadband internet provider to handle secure DNS-over-HTTPS queries for Firefox browser users in the US, Mozilla has announced. This means the ISP, which has joined Moz's Trusted Recursive Resolver Program, will perform domain-name-to-IP-address lookups for subscribers using Firefox via encrypted HTTPS channels.
79% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. The 2020 Global DNS Threat Report, conducted in collaboration with IDC, shows that organizations across all industries suffered an average 9.5 attacks this year. In terms of regional damage from DNS attacks, North America leads the way with the average cost of attack at $1,073,000.
A report released Wednesday by network automation and security provider EfficientIP and research firm IDC discusses how DNS is prone to attack and what organizations can do to protect their DNS security. Based on a survey of 900 technology professions across North America, Europe, and Asia Pacific, the "2020 Global DNS Threat Report" found that 79% of organizations were hit by DNS attacks in 2019, down slightly from 82% in 2018.
Infoblox identified the challenges Communication Service Providers face in transitioning to distributed cloud models, as well as the use cases for multi-access edge computing, 5G New Radio, and 5G Next Generation Core networks. "Distributed cloud models such as 5G and multi-access edge computing networks have the potential to drastically change the CSP industry, delivering high-bandwidth, low latency services to network customers," said Dilip Pillaipakam, Vice President and GM of Service Provider Business at Infoblox.
After delays to Chrome version 81 in March, and the scrapping of version 82 a month later, this week sees the early arrival of Chrome 83 with a longer list of new security features than originally planned. First, it's not turned on by default, and might not even be visible under Settings > Privacy and security > Advanced.
Dubbed NXNSAttack, the flaw [PDF] can be abused to pull off a classic amplification attack: you send a small amount of specially crafted data to a DNS server, which responds by sending a lot of data to a victim's server. The recursive server contacts your DNS server for your dot.com for that information.