Page 2 - Protective Domain Name System News Today : Breaking News, Live Updates & Top Stories | Vimarsana
Resiliency the Key to Surviving a CDN Outage - BankInfoSecurity
bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Resiliency the Key to Surviving a CDN Outage
govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
GovInfoSecurity
Compliance
Compliance Twitter Get Permission
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that can be used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
Authoritative DNS servers are the final holder of the IP of a domain, responsible for providing details about specific websites to DNS servers, including information on domain names and IP addresses. The security researchers, Giovane C. M. Moura, Sebastian Castro, John Heinemann and Wes Hardaker, note the flaw affects DNS resolvers, which play a key role in converting web links to IP addresses in authoritative DNS servers.
Diagram of attack scenario (Source: Forescout and JSOF)
Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.
The group of vulnerabilities, dubbed Name:Wreck, affects the FreeBSD, IPNet, NetX and Nucleus NET stacks. The widespread use of these stacks, together with external exposure of the vulnerable DNS clients, could dramatically increase the attack surface for organizations, JSOF says. Organizations in the healthcare and government sectors are in the top three most affected for all three stacks, Forescout says. If we conservatively assume that 1% of the more than 10 billion deployments … are vulnerable, we can estimate that at least 100 million devices [could potentially be] impacted by Name:Wreck.
GovInfoSecurity
March 31, 2021 Get Permission
As concerns about the number of attacks targeting domain name system protocols continue to grow, the National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on how to choose and deploy a Protective Domain Name System service to strengthen security.
The domain name system protocol, or DNS, acts as a phone book for the internet, taking the domain names used every day and translating them into a numeric code that helps computers find what the user is seeking. This older protocol is vulnerable to attacks, including DNS hijacking, which involves hackers manipulating records so they can see traffic flowing to a particular website or service (see:
vimarsana © 2020. All Rights Reserved.