Archive for the ‘DNS Attacks’ Category

Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

Over the years, we’ve written and spoken on Naked Security many times about the thorny problem of DNS hijacking. DNS, as you probably know, is short for domain name system, and you’ll often hear it described as the internet’s “telephone directory” or “gazetteer”. If you’re not familiar with the word gazeteer, it refers to the index at the back of an atlas […]

Leave a Comment

The impact of DNS attacks on global organizations

Often we see stories about cyber attacks that breached an organisations’ security parameters, and advice on how we can protect against future threats. However, what is often missed, is just how these threat actors managed to breach a system, and as such, the fact that the Domain Name System (DNS) probably played a very large […]

Leave a Comment

A DNS flaw impacts a library used by millions of IoT devices

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng library, which is […]

Leave a Comment

B1txor20 Linux botnet use DNS Tunnel and Log4J exploit

Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured an […]

Leave a Comment

How do I select an attack detection solution for my business?

When selecting an attack detection solution, no single product will provide the adequate detection needed that is required to detect and defend against the current advanced threat landscape. The holistic aspect of defending against threat actors requires technology, expertise, and intelligence. The technology should be a platform of integrated technologies providing detection at each point […]

Leave a Comment

List of DNSpooq vulnerability advisories, patches, and updates

Yesterday, seven Dnsmasq vulnerabilities were disclosed, collectively known as DNSPooq, that attackers can use to launch DNS Cache Poisoning, denial of service, and possibly remote code execution attacks, on affected devices. Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment.  Vendors have started […]

Leave a Comment

Hackers abuse lookalike domains and favicons for credit card theft

Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Source: Hackers abuse lookalike domains and favicons for credit card theft Credit Card Scammers on the Dark Web Preventing Credit Card Fraud: A Complete Guide for Everyone from Merchants to Consumers PCI Compliance Download a Security Risk Assessment Steps […]

Leave a Comment

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that […]

Leave a Comment