Security News

New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks
2021-11-18 22:50

Researchers have demonstrated yet another variant of the SAD DNS cache poisoning attack that leaves about 38% of the domain name resolvers vulnerable, enabling attackers to redirect traffic originally destined to legitimate websites to a server under their control. From Kaminsky Attack to SAD DNS. DNS cache poisoning, also called DNS spoofing, is a technique in which corrupt data is introduced into a DNS resolver's cache, so that DNS queries return an incorrect response for a trusted domain and users are directed to malicious websites.

72% of organizations hit by DNS attacks in the past year
2021-10-26 03:30

DNS attacks are nothing new, and they tend to fall further down the list of threat concerns. DNS attacks appear to be on a gradual upward trajectory.

Facebook, WhatsApp, and Instagram down due to DNS outage
2021-10-04 16:13

Users worldwide are reporting that they are unable to access Facebook, Instagram, and WhatsApp, instead seeing errors that the sites can't be reached. When attempting to open any of the three sites, they are given DNS PROBE FINISHED NXDOMAIN errors and advised to check if there is a typo in the domain entered in the address bar.

Protecting IoT devices requires a DNS-based solution
2021-09-23 05:30

To prevent devices being used as attack vectors, the first step to IoT protection, when connected onto the network, must start with DNS: using Domain Name System infrastructures and DNS security capabilities to protect data and ensure IoT devices are only allowed access to relevant services. Whilst IoT devices will always have security vulnerabilities, by incorporating a secure approach which makes use of DNS technology, businesses and service providers can be confident they are best protecting their data and access to their IT infrastructure.

Black Hat: Novel DNS Hack Spills Confidential Corp Data
2021-08-12 20:30

"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google. Essentially, we 'wiretapped' the internal network traffic of 15,000 organizations and millions of devices," Wiz wrote in a technical breakdown of the bug. Luttwak calls what he found a "Loophole" within the process used to handle the now obsolete dynamic DNS within modern DNS server configurations.

Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic
2021-08-11 04:57

"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," researchers Shir Tamari and Ami Luttwak from infrastructure security firm Wiz said. The exploitation process hinges on registering a domain on Amazon's Route53 DNS service with the same name as the DNS name server - which provides the translation of domain names and hostnames into their corresponding Internet Protocol addresses - resulting in a scenario that effectively breaks the isolation between tenants, thus allowing valuable information to be accessed.

Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic
2021-08-11 04:57

"We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," researchers Shir Tamari and Ami Luttwak from infrastructure security firm Wiz said. The exploitation process hinges on registering a domain on Amazon's Route53 DNS service with the same name as the DNS name server - which provides the translation of domain names and hostnames into their corresponding Internet Protocol addresses - resulting in a scenario that effectively breaks the isolation between tenants, thus allowing valuable information to be accessed.

All your DNS were belong to us: AWS and Google Cloud shut down spying vulnerability
2021-08-06 19:34

This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider. In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz, described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.

New DNS Attack Enables 'Nation-State Level Spying' via Domain Registration
2021-08-06 15:08

A new domain name system attack method that involves registering a domain with a specific name can be leveraged for what researchers described as "Nation-state level spying." The attack method was identified by researchers at cloud infrastructure security company Wiz while conducting an analysis of Amazon Route 53, a cloud DNS web service offered to AWS users.

New DNS vulnerability allows 'nation-state level spying' on companies
2021-08-05 19:31

Security researchers found a new class of DNS vulnerabilities impacting major DNS-as-a-Service providers that could allow attackers to access sensitive information from corporate networks. "We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," the Wiz researchers said.