Security News

New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks
2020-05-20 04:16

Israeli cybersecurity researchers have disclosed details about a new flaw impacting DNS protocol that can be exploited to launch amplified, large-scale distributed denial-of-service attacks to takedown targeted websites. Called NXNSAttack, the flaw hinges on the DNS delegation mechanism to force DNS resolvers to generate more DNS queries to authoritative servers of attacker's choice, potentially causing a botnet-scale disruption to online services.

NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
2020-05-19 16:39

Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks. The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.

Microsoft joins encrypted DNS club with Windows 10 option
2020-05-15 09:43

Microsoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10. We've explained encrypted DNS before, but briefly, it encrypts DNS queries between your computer and the DNS resolver so those in between can't see which websites or other URLs you're asking for.

Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders
2020-05-14 15:53

Microsoft has announced the first testable version of DNS-Over-HTTPS support, available for its Windows 10 operating system. Support for the DoH protocol, which Microsoft first announced in November, is available in the Windows 10 Insider Preview Build 19628.

BlueCat Adaptive DNS gives network teams visibility over AWS resources and threat protection
2020-05-08 01:00

These new capabilities enable network teams to better integrate cloud resources in Amazon Web Services with on-premises networks, protect themselves from advanced cyber threats, and reduce the risk of network outages. Because the new universal work from home reality has introduced new risks to enterprise networks, BlueCat also introduced several security improvements to BlueCat Threat Protection, its DNS firewall solution.

Uncle Sam to agencies: No encrypted DNS for you!
2020-05-04 10:52

The DHS's Cybersecurity & Infrastructure Security Agency published a memorandum on April 21 warning agency CIOs that they're legally bound to use its internal EINSTEIN network security system when resolving DNS queries. The first is DNS over TLS. This uses Transport Layer Security - the successor to SSL - to encrypt the queries directly and verify the server's identity using digital certificates.

CISA Reminds Federal Agencies to Use Its DNS Service
2020-05-01 11:22

A memorandum sent by the United States Cybersecurity and Infrastructure Security Agency to Chief Information Officers at federal agencies reminds them to use EINSTEIN 3 Accelerated's Domain Name System sinkholing capability for DNS resolution. In the United States, DNS resolution services provided by CISA are mandatory in most federal agencies in the executive branch.

Canada's .ca overlord rolls out free privacy-protecting DNS-over-HTTPS service for folks in Great White North
2020-04-23 22:42

CA domains, among other important internet functions, is rolling out a free Canada-wide DNS-over-HTTPS service to protect people's privacy. The Canadian Internet Registry Authority today said its new Canadian Shield service will allow people and businesses to encrypt their DNS queries in transit between their devices and CIRA's servers, providing an added layer of security at a time where millions in the country are transitioning to working from home mid-coronavirus pandemic.

NS1 Managed DNS: Steering traffic to the optimal VPN access points for reliable connectivity
2020-04-22 01:30

"Extending VPN to new users and use cases helps solve some immediate problems of isolation and segmentation. It also comes under immediate pressure, as organizations see VPN access capacity straining under a scale of remote work until now unforeseen." NS1 Managed DNS, when used to direct VPN users, improves the experience for remote employees by intelligently and dynamically steering traffic to the optimal VPN access points for reliable, frictionless connectivity.

Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
2020-04-15 19:03

Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware. Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings.