Security News
Microsoft has added a privacy feature to Windows 11 called DNS-over-HTTPS, allowing users to perform encrypted DNS lookups to bypass censorship and Internet activity. DNS-over-HTTPS allows your computer to perform these DNS lookups over an encrypted HTTPS connection rather than through normal plain text DNS lookups, which ISPs and governments can snoop on.
The role DNS plays in network securityNew EfficientIP and IDC research sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic. New Google tool reveals dependencies for open source projectsGoogle has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security vulnerabilities they are currently sporting.
These figures illustrate the pivotal role of DNS for network security, both as a threat vector and security objective. Around a quarter of companies have suffered a DNS attack abusing cloud misconfiguration, with 47% of companies suffering cloud service downtime as a result of DNS attacks.
You've probably connected that laptop to coffee shop networks, where there's either no password, an easy password or zero guarantees of the level of security applied to the Wi-Fi. What do you do? One thing you most certainly should do is configure both Chrome OS and Chrome to use secure DNS. By doing this, all of your DNS queries are encrypted, so you don't have to worry so much that some ne'er-do-well is listening in on the packets you send out. The first thing we'll do is enable Secure DNS in Chrome, which uses DNS-over-HTTPS to encrypt all DNS traffic.
Security researchers Thursday disclosed a new critical vulnerability affecting Domain Name System resolvers that could be exploited by adversaries to carry out reflection-based denial-of-service attacks against authoritative nameservers. "TsuNAME occurs when domain names are misconfigured with cyclic dependent DNS records, and when vulnerable resolvers access these misconfigurations, they begin looping and send DNS queries rapidly to authoritative servers and other resolvers," the researchers said.
Some DNS resolvers are affected by a vulnerability that can be exploited to launch distributed denial-of-service attacks against authoritative DNS servers, a group of researchers warned this week. Google and Cisco, both of which provide widely used DNS services, have deployed patches for TsuNAME, but the researchers believe many servers are still vulnerable to attacks.
Attackers can use a newly disclosed domain name server vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by regular users' web browsers when trying to connect to a specific website.
Both Register.com and Network Solutions are suffering from an ongoing DNS outage that prevents access to websites, VPNs, and other services. This outage started early this morning with customers suddenly finding that their websites or business services were no longer accessible via their hostnames.
The Internet Systems Consortium has released updates for the BIND DNS software to patch several vulnerabilities that can be exploited for denial-of-service attacks and one possibly even for remote code execution. Only servers using a certain feature with non-default configurations are vulnerable to attacks, but ISC suggested these types of servers may not be uncommon.
New DNS vulnerabilities have the potential to impact millions of devicesForescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. FBI removes web shells from hacked Microsoft Exchange serversAuthorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. The benefits of cyber threat intelligenceIn this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence.