Security News
The healthcare industry experienced devastating effects from DNS attacks during the COVID-19 pandemic, more so than other industries, a report from EfficientIP and IDC shows. The report shows that healthcare is more vulnerable than other industries to a variety of consequences from attacks: healthcare is the most likely industry to suffer application downtime, with 53% of healthcare companies in the survey reporting that.
Jack Wallen shows you how to configure specific DNS servers for your Docker container deployments. You do not want your containers using the same DNS as your hosts.
Microsoft has added a privacy feature to Windows 11 called DNS-over-HTTPS, allowing users to perform encrypted DNS lookups to bypass censorship and Internet activity. DNS-over-HTTPS allows your computer to perform these DNS lookups over an encrypted HTTPS connection rather than through normal plain text DNS lookups, which ISPs and governments can snoop on.
The role DNS plays in network securityNew EfficientIP and IDC research sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic. New Google tool reveals dependencies for open source projectsGoogle has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security vulnerabilities they are currently sporting.
These figures illustrate the pivotal role of DNS for network security, both as a threat vector and security objective. Around a quarter of companies have suffered a DNS attack abusing cloud misconfiguration, with 47% of companies suffering cloud service downtime as a result of DNS attacks.
You've probably connected that laptop to coffee shop networks, where there's either no password, an easy password or zero guarantees of the level of security applied to the Wi-Fi. What do you do? One thing you most certainly should do is configure both Chrome OS and Chrome to use secure DNS. By doing this, all of your DNS queries are encrypted, so you don't have to worry so much that some ne'er-do-well is listening in on the packets you send out. The first thing we'll do is enable Secure DNS in Chrome, which uses DNS-over-HTTPS to encrypt all DNS traffic.
Security researchers Thursday disclosed a new critical vulnerability affecting Domain Name System resolvers that could be exploited by adversaries to carry out reflection-based denial-of-service attacks against authoritative nameservers. "TsuNAME occurs when domain names are misconfigured with cyclic dependent DNS records, and when vulnerable resolvers access these misconfigurations, they begin looping and send DNS queries rapidly to authoritative servers and other resolvers," the researchers said.
Some DNS resolvers are affected by a vulnerability that can be exploited to launch distributed denial-of-service attacks against authoritative DNS servers, a group of researchers warned this week. Google and Cisco, both of which provide widely used DNS services, have deployed patches for TsuNAME, but the researchers believe many servers are still vulnerable to attacks.
Attackers can use a newly disclosed domain name server vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by regular users' web browsers when trying to connect to a specific website.