GovInfoSecurity
March 31, 2021 Get Permission
As concerns about the number of attacks targeting domain name system protocols continue to grow, the National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on how to choose and deploy a Protective Domain Name System service to strengthen security.
The domain name system protocol, or DNS, acts as a phone book for the internet, taking the domain names used every day and translating them into a numeric code that helps computers find what the user is seeking. This older protocol is vulnerable to attacks, including DNS hijacking, which involves hackers manipulating records so they can see traffic flowing to a particular website or service (see:
The massive hack’s scope keeps growing. Unlike the SolarWinds exploit, this one can be automated.
The scope of damage from the newly public Microsoft Exchange vulnerability keeps growing, with some experts saying that it is worse than SolarWinds.
As of last count, more than 60,000 organizations have fallen victim to the attack. The scale of the attack is the biggest threat at this time, said Mark Goodwin, managing senior analyst at security consulting firm Bishop Fox.
Government institutions have been attacked, large corporations, and small local businesses, he told DCK. According to the internet scanning tool Shodan, more than 250,000 servers are vulnerable, he added.
Microsoft Exchange Vulnerability Could Be Worse Than SolarWinds datacenterknowledge.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from datacenterknowledge.com Daily Mail and Mail on Sunday newspapers.
Microsoft Exchange hack, larger than originally believed, prompts emergency task force
SHARE
A campaign by Chinese hackers that targeted Microsoft Corp.’s Exchange Server, an attack Microsoft warned about earlier this month, is larger than originally believed and has prompted the establishment of an emergency task force.
The vulnerabilities are being exploited by a group dubbed Hafnium, which is described as being “highly skilled and sophisticated.” The group apparently was attempting to steal information from U.S. targets, including universities, defense contractors, law firms and infectious-disease researchers.
Although Microsoft has released a patch for the vulnerabilities, the concern is that many users have yet to install the updates.
NSA, CISA, issue guidance on Protective DNS services scmagazine.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from scmagazine.com Daily Mail and Mail on Sunday newspapers.