Security News

A 20-plus-year-old security vulnerability in the design of DNSSEC could allow a single DNS packet to exhaust the processing capacity of any server offering the system for domain-name resolution, effectively disabling the machine. Yes, a single DNS packet can take out a remote DNSSEC server.

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. A bug in this feature caused DNS requests of users not to be directed to ExpressVPN's infrastructure, as they should, but to the user's internet service provider.

Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts. The campaign appears directed at users of macOS Ventura and later and relies on cracked applications repackaged as PKG files that include a trojan.

A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers. While the current report doesn't provide technical details or proof-of-concept exploits, Akamai has promised, in the near future, to publish code that implements these attacks called DDSpoof - short for DHCP DNS Spoof.

Keep Web Traffic Streamlined and Safe With This $29.99 DNS With AdGuard DNS, you can block ads, customize parental controls and keep tabs on DNS requests coming in or out - all for the lowest price on the web. Luckily, there are affordable solutions out there beyond the usual battery of antivirus software offerings, and AdGuard DNS stands out as one of the best of the bunch.

PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. DNS header malformations Injection of unsolicited records Injection of arbitrary bytes of arbitrary lengths.

A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to...

Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info of encrypted DNS servers on their local area network within the network settings.

Payment processing firm Square says a widespread outage that took down a large part of the company's infrastructure last week was caused by a DNS issue. The 14-hour-long outage affected Square payment acceptance and other services and led to customers being unable to log into their accounts or process payments starting Thursday, around noon.

Infosec in brief Someone at Microsoft has some explaining to do after a messed up DNS record caused emails sent from Hotmail accounts Microsoft Outlook Hotmail accounts to be rejected and directed to spam folders overnight beginning Thursday. Microsoft support forum advisors confirmed that the issue was known, which was further confirmed by a look at the Office service status page.