Google security experts disclosed seven distinct vulnerabilities in the Dnsmasq software package. Regardless of what you may think of Google as a company, it is difficult to criticize their prolific and in-depth security research. The latest example is their disclosure of seven distinct issues in the Dnsmasq software package. From the authors’ website, “Dnsmasq provides network infrastructure for small networks: DNS, DHCP, […]
A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in the Systemd init system […]
A severe distributed denial-of-service (DDoS) it targeting the Managed DNS infrastructure of cloud-based Internet performance management company Dyn. A severe distributed denial-of-service (DDoS) it targeting the Managed DNS infrastructure of cloud-based Internet performance management company Dyn. Many users of major websites are not able to reach web services such as Twitter, GitHub, The list of affected websites […]
Blockchain.info, the world’s most popular Bitcoin wallet and Block Explorer service went down this week due to a DNS Hijacking attack. Crypto-currencies continue to be a privileged target of cyber criminals, Bitcoin wallets and services provided by many companies operating in the industries have been targeted by criminal organizations as never before. Blockchain.info, the world’s […]
A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites. The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies. But North Korea is also known for […]
FireEye has discovered a new strain of POS malware dubbed Multigrain that steals card data from point-of-sale systems and exfiltrates it over DNS. Security experts at FireEye have spotted a new strain of the NewPosThings PoS malware, dubbed Multigrain, that steals payment card data from point-of-sale (PoS) systems and exfiltrate it via DNS to avoid detection. The technique is […]
A security researcher discovered that the improper configuration of some multicast DNS (mDNS) implementations could be used to amplify DDoS attacks. The multicast Domain Name System, also known as mDNS, is a multiplatform service designed to resolve host names to IP addresses within small networks that doesn’t have a local name server. The mDNS can work in a […]
Alleged Hacker belonging to the hacking crew Lizard Squad run a DNS hajacking attack against the Google Vietnam domain. A nasty surprise for Internet users who visited the Google Vietnam website that was presented with a picture of a man taking a selfie, along with a message that claimed the website site was hacked by the […]
A security expert discovered a cross-site request forgery (CSRF) flaw to take over domains registered with GoDaddy, the company has already fixed it. The security engineer Dylan Saccomanni discovered a critical cross-site request forgery (CSRF) vulnerability in GoDaddy domain management console that could be exploited by attackers to take over domains. The vulnerability was discovered on January 17 […]
CERT warns that DNS Cache Poisoning attacks could be used also to hijack email to a rogue server and not only to divert the Internet traffic. DNS attacks are very popular in hacking community, they could be run by cyber criminals and state-sponsored hackers for various purposes, including cyber espionage and financially motivated attacks. A DNS […]