Tag: dns
-
Week in review: WSUS vulnerability exploited to drop Skuld infostealer, PoC for BIND 9 DNS flaw published
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on it Biometric … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/02/week-in-review-wsus-vulnerability-exploited-to-drop-skuld-infostealer-poc-for-bind-9-dns-flaw-published/
-
Preventing DNS filtering bypass by Encrypted DNS (DoT, DoH, DoQ)
DNS over HTTPS (DoH) and other encrypted DNS protocols like DNS over TLS (DoT) & DNS over QUIC (DoQ) enhances user privacy and security by encrypting DNS queries in transit, shielding them from eavesdropping, tampering, and censorship on untrusted networks. This prevents ISPs and local attackers from logging or manipulating domain resolutions, fostering a more…
-
Defending DNS with Infoblox and Protective DNS
For too long, we’ve treated DNS as a simple utility. It’s just a phonebook for the internet, right? Treating it that way is a mistake. Nearly every single malicious action, whether it’s a phishing link, a command-and-control (C2) callback, or data exfiltration, starts with a DNS query. It is integral to the attacker workflow. So,..…
-
Zensur- und werbefrei durchs Netz: Schritt-für-Schritt-Anleitung
Tags: dnsZensur- und werbefrei durchs Netz mit eigenem DNS-Server mit Technitium, AdGuard und Tailscale. Wir erklären, wie man den Server aufsetzt. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/zensur-und-werbefrei-durchs-netz-schritt-fuer-schritt-anleitung-322371.html
-
Zensur- und werbefrei durchs Netz: Schritt-für-Schritt-Anleitung
Tags: dnsZensur- und werbefrei durchs Netz mit eigenem DNS-Server mit Technitium, AdGuard und Tailscale. Wir erklären, wie man den Server aufsetzt. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/zensur-und-werbefrei-durchs-netz-schritt-fuer-schritt-anleitung-322371.html
-
Public Exploit Code Released for Critical BIND 9 DNS Vulnerability
A public exploit for a critical BIND 9 flaw renews DNS cache-poisoning risk, enabling forged records and traffic redirection. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/public-exploit-code-released-for-critical-bind-9-dns-vulnerability/
-
Microsoft Azure Cloud Apps Shut Down by Configuration Error
Azure Outage Comes a Week After a Cloud DNS Error Disrupted AWS Users. Microsoft’s Azure cloud and 365 systems suffered an outage at noon on Wednesday because of a configuration error – hours before its quarterly earnings call and about a week after rival AWS underwent a widespread outage that shut down applications and services…
-
ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering.This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s First…
-
Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
Microsoft experienced a widespread service outage on Wednesday, October 29, 2025, affecting its Azure cloud platform and Microsoft 365 suite, leaving thousands of users unable to access critical business services. The disruption, which began around 16:00 UTC (approximately 9:30 PM IST), was attributed to Domain Name System (DNS) configuration issues that crippled connectivity across Microsoft’s…
-
DNS outage impacts Azure and Microsoft 365 services
Microsoft is suffering an ongoing DNS outage affecting customers worldwide, preventing them from logging into company networks and accessing Microsoft Azure and Microsoft 365 services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-dns-outage-impacts-azure-and-microsoft-365-services/
-
DNS outage impacts Azure and Microsoft 365 services
Microsoft is suffering an ongoing DNS outage affecting customers worldwide, preventing them from logging into company networks and accessing Microsoft Azure and Microsoft 365 services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-dns-outage-impacts-azure-and-microsoft-365-services/
-
SOA Expire Value Out of Recommended Range: What It Means and How to Fix It
Tags: dnsSeeing the “SOA expire value out of recommended range” warning? Learn what it means, the recommended range for SOA expire values, and how to fix this DNS configuration issue easily. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/soa-expire-value-out-of-recommended-range-what-it-means-and-how-to-fix-it/
-
SOA Expire Value Out of Recommended Range: What It Means and How to Fix It
Tags: dnsSeeing the “SOA expire value out of recommended range” warning? Learn what it means, the recommended range for SOA expire values, and how to fix this DNS configuration issue easily. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/soa-expire-value-out-of-recommended-range-what-it-means-and-how-to-fix-it/
-
BSI warnt vor Bind-Lücke: Daten unzähliger DNS-Server manipulierbar
Angreifer können via Cache-Poisoning Datenverkehr auf eigene Domains umleiten. Allein in Deutschland sind laut BSI rund 40.000 DNS-Server anfällig. First seen on golem.de Jump to article: www.golem.de/news/exploit-code-verfuegbar-dns-eintraege-unzaehliger-bind-server-manipulierbar-2510-201636.html
-
Exploit-Code verfügbar: DNS-Einträge unzähliger Bind-Server manipulierbar
Angreifer können via Cache-Poisoning Datenverkehr auf eigene Domains umleiten. Allein in Deutschland sind laut BSI rund 40.000 DNS-Server anfällig. First seen on golem.de Jump to article: www.golem.de/news/exploit-code-verfuegbar-dns-eintraege-unzaehliger-bind-server-manipulierbar-2510-201636.html
-
Atroposia malware kit lowers the bar for cybercrime, and raises the stakes for enterprise defenders
Tags: apt, authentication, automation, ciso, credentials, crime, cybercrime, defense, detection, dns, endpoint, infrastructure, mail, malicious, malware, mfa, monitoring, rat, service, spam, threat, tool, update, vulnerabilityRAT toolkits proliferating: Atroposia is one of a growing number of RAT tools targeting enterprises; Varonis has also recently discovered SpamGPT and MatrixPDF, a spam-as-a-service platform and malicious PDF builder, respectively.Shipley noted that these types of packages which identify additional avenues to maintain persistence have been around for some time; Mirai, which goes back to…
-
PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/28/bind-9-vulnerability-cve-2025-40778-poc/
-
Pi-hole XSS CVE-2025-53533: kritische Sicherheitslücke entdeckt
Pi-hole XSS CVE-2025-53533. In der DNS-Software in der Weboberfläche. Der Template-Fehler im Webfrontend kann gravierende Folgen haben. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/pi-hole-xss-cve-2025-53533-kritische-sicherheitsluecke-entdeckt-322254.html
-
New BIND 9 Security Flaw (CVE-2025-40778) Threatens Global DNS Infrastructure
A newly disclosed security flaw has put more than 706,000 BIND 9 DNS resolvers worldwide at risk of cache poisoning attacks, according to an advisory published by the Internet Systems Consortium (ISC) on October 22, 2025. The vulnerability, identified as CVE-2025-40778, carries a CVSS v3.1 severity score of 8.6 (High) and could enable remote attackers to inject forged DNS records into resolver caches.…
-
It’s Always DNS: Lessons from the AWS Outage
In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure’s automatic failover capabilities. **……
-
706,000+ BIND 9 DNS Resolvers Exposed to Cache Poisoning PoC Released
A critical vulnerability affecting more than 706,000 BIND 9 DNS resolvers worldwide has been disclosed with proof-of-concept exploit code now publicly available. The security flaw enables attackers to perform cache poisoning attacks by injecting malicious DNS records into vulnerable resolver caches, potentially redirecting users to attacker-controlled infrastructure. The vulnerability, tracked as CVE-2025-40778, was disclosed by…
-
A single DNS race condition brought Amazon’s cloud empire to its knees
Fault in DynamoDB system cascaded through AWS services, knocking major sites offline for hours First seen on theregister.com Jump to article: www.theregister.com/2025/10/23/amazon_outage_postmortem/
-
Amazon: This week’s AWS outage caused by major DNS failure
Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/amazon-this-weeks-aws-outage-caused-by-major-dns-failure/
-
Amazon Reveals Technical Fault Behind Widescale AWS Service Outage
Amazon Web Services experienced a major outage that affected millions of customers and Amazon’s own operations on October 19 and 20, 2025. The company has now confirmed that a DNS resolution issue with regional DynamoDB service endpoints was the root cause of the disruption, which lasted approximately two hours and thirty-five minutes. What Went Wrong…
-
Cloud-Panne: AWS führt weltweite Ausfälle auf eine Race Condition zurück
Die Race Condition ist in einem fehlerhaften DNS-Eintrag gemündet – mit den bekannten Auswirkungen, die sich weltweit bemerkbar machten. First seen on golem.de Jump to article: www.golem.de/news/cloud-panne-aws-fuehrt-weltweite-ausfaelle-auf-eine-race-condition-zurueck-2510-201498.html
-
When “It’s Always DNS” Becomes Your Security Advantage
Every network engineer knows the refrain: “It’s always DNS.” When websites won’t load, applications fail to connect, or mysterious outages emerge, the Domain Name System”, the internet’s essential address book”, is usually involved. For years, this made DNS a source of troubleshooting frustration. But as Infoblox demonstrated in their presentations to Security Field Day, there’s…
-
DTTS – Zero Trust DNS Enforcement: Policy Violation Management
In a default-deny world, where only verified sources and verified destinations are allowed, which require a successful policy-allowed DNS resolution, many modern threats are mitigated, and there’s demonstrable value in choosing this path, including being able to enforce “My network, my rules” approach to egress control. However, in this world where existing applications need to…
-
BIND 9 Vulnerabilities Expose DNS Servers to Cache Poisoning and DoS
The Internet Systems Consortium (ISC) has disclosed three critical vulnerabilities in BIND 9, the most widely deployed DNS software globally. All three vulnerabilities were publicly disclosed on October 22, 2025, affecting DNS resolvers and potentially impacting millions of users worldwide. Organizations running affected BIND 9 versions should prioritize immediate patching to prevent exploitation. The three…
-
BIND 9 Vulnerabilities Expose DNS Servers to Cache Poisoning and DoS
The Internet Systems Consortium (ISC) has disclosed three critical vulnerabilities in BIND 9, the most widely deployed DNS software globally. All three vulnerabilities were publicly disclosed on October 22, 2025, affecting DNS resolvers and potentially impacting millions of users worldwide. Organizations running affected BIND 9 versions should prioritize immediate patching to prevent exploitation. The three…
-
Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/