DNS

Pierluigi Paganini November 20, 2017
Global Cyber Alliance launched the Quad9 DNS service to secure your online experience

Global Cyber Alliance launched the Quad9 DNS service, the free DNS service to secure your online experience and protect your privacy. The Global Cyber Alliance (GCA) has launched the Quad9 DNS service (9.9.9.9), a new free Domain Name Service resolver that will check user’s requests against the IBM X-Force’s threat intelligence database. The Quad9 DNS service non only […]

Pierluigi Paganini October 10, 2017
Microsoft’s October Patch Tuesday addresses critical Windows DNS client Zero-Day Flaws tied to DNSSEC

Microsoft’s October Patch Tuesday addresses three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Microsoft’s October Patch Tuesday addresses three critical security vulnerabilities in the Windows DNS client in Windows 8, Windows 10, and Windows Server 2012 and 2016. The vulnerabilities affect the Microsoft’s implementation of one of the data record features used in the secure […]

Pierluigi Paganini October 03, 2017
Google’s Security Research Team Identifies and Fixes 7 Vulnerabilities in Dnsmasq

Google security experts disclosed seven distinct vulnerabilities in the Dnsmasq software package. Regardless of what you may think of Google as a company, it is difficult to criticize their prolific and in-depth security research. The latest example is their disclosure of seven distinct issues in the Dnsmasq software package. From the authors’ website, “Dnsmasq provides network infrastructure for small networks: DNS, DHCP, […]

Pierluigi Paganini June 29, 2017
A critical flaw allows hacking Linux machines with just a malicious DNS Response

A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in the Systemd init system […]

Pierluigi Paganini October 21, 2016
US users were not able to reach Twitter and other sites due to DDoS on Dyn DNS Service

A severe distributed denial-of-service (DDoS) it targeting the Managed DNS infrastructure of cloud-based Internet performance management company Dyn. A severe distributed denial-of-service (DDoS) it targeting the Managed DNS infrastructure of cloud-based Internet performance management company Dyn. Many users of major websites are not able to reach web services such as Twitter, GitHub, The list of affected websites […]

Pierluigi Paganini October 13, 2016
Bitcoin Wallet Blockchain.info went down due to a DNS Hijacking

 Blockchain.info, the world’s most popular Bitcoin wallet and Block Explorer service went down this week due to a DNS Hijacking attack. Crypto-currencies continue to be a privileged target of cyber criminals, Bitcoin wallets and services provided by many companies operating in the industries have been targeted by criminal organizations as never before. Blockchain.info, the world’s […]

Pierluigi Paganini September 20, 2016
A mistake allowed us a peek into North Korea Internet infrastructure

A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites. The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies. But North Korea is also known for […]

Pierluigi Paganini April 20, 2016
Multigrain PoS malware exfiltrates stolen card data over DNS

FireEye has discovered a new strain of POS malware dubbed Multigrain that steals card data from point-of-sale systems and exfiltrates it over DNS. Security experts at FireEye have spotted a new strain of the NewPosThings PoS malware, dubbed Multigrain, that steals payment card data from point-of-sale (PoS) systems and exfiltrate it via DNS to avoid detection. The technique is […]

Pierluigi Paganini April 02, 2015
mDNS can be abused to amplify the traffic of DDoS attack

A security researcher discovered that the improper configuration of some multicast DNS (mDNS) implementations could be used to amplify DDoS attacks. The multicast Domain Name System, also known as mDNS,  is a multiplatform service designed to resolve host names to IP addresses within small networks that doesn’t have a local name server. The mDNS can work in a […]

Pierluigi Paganini February 24, 2015
Lizard Squad run a DNS hijacking against the Google Vietnam website

Alleged Hacker belonging to the hacking crew Lizard Squad run a DNS hajacking attack against the Google Vietnam domain. A nasty surprise for Internet users who visited the Google Vietnam website that was presented with a picture of a man taking a selfie, along with a message that claimed the website site was hacked by the […]