Tag: dns
-
BIND 9 Vulnerabilities Expose DNS Servers to Cache Poisoning and DoS
The Internet Systems Consortium (ISC) has disclosed three critical vulnerabilities in BIND 9, the most widely deployed DNS software globally. All three vulnerabilities were publicly disclosed on October 22, 2025, affecting DNS resolvers and potentially impacting millions of users worldwide. Organizations running affected BIND 9 versions should prioritize immediate patching to prevent exploitation. The three…
-
Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/
-
CAASM and EASM: Top 12 attack surface discovery and management tools
Tags: access, ai, api, attack, automation, blockchain, business, cloud, control, corporate, credentials, cyber, cybersecurity, dark-web, data, data-breach, detection, dns, endpoint, exploit, framework, guide, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, leak, marketplace, microsoft, monitoring, network, open-source, PCI, risk, risk-assessment, service, soc, software, supply-chain, technology, threat, tool, update, vulnerabilityCAASM and EASM tools for attack surface discovery and management: Periodic scans of the network are no longer sufficient for maintaining a hardened attack surface. Continuous monitoring for new assets and configuration drift are critical to ensure the security of corporate resources and customer data.New assets need to be identified and incorporated into the monitoring…
-
Dead-Drop Resolvers: Malware’s Quiet Rendezvous and Why Adaptive Defense Matters
At this weekend’s BSides NYC, Dr. Jonathan Fuller, CISO of the U.S. Military Academy at West Point, delivered an extremely clear talk on how modern malware hides its command-and-control (C2) infrastructure through dead-drop resolvers. Fuller, who co-authored Georgia Tech’s VADER project, described how adversaries increasingly use public platforms-GitHub, Dropbox, Pastebin, even blockchain transactions-as-covert meeting points…
-
AWS Resolves Major Outage After Nearly 24 Hours of Service Disruption
Amazon Web Services experienced a significant service disruption in its US-EAST-1 region that lasted nearly 24 hours, affecting over 140 services and causing widespread issues for customers worldwide. The outage began late on October 19, 2025, and was fully resolved by the afternoon of October 20. Root Cause Identified as DNS Resolution Issue The incident…
-
AWS Resolves Major Outage After Nearly 24 Hours of Service Disruption
Amazon Web Services experienced a significant service disruption in its US-EAST-1 region that lasted nearly 24 hours, affecting over 140 services and causing widespread issues for customers worldwide. The outage began late on October 19, 2025, and was fully resolved by the afternoon of October 20. Root Cause Identified as DNS Resolution Issue The incident…
-
DNS0.EU private DNS service shuts down over sustainability issues
The DNS0.EU non-profit public DNS service focused on European users announced its immediate shut down due to time and resource constraints. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dns0eu-private-dns-service-shuts-down-over-sustainability-issues/
-
AWS Partially Restores Service Affected by Global Outage
Cloud Giant Blames DNS Misconfiguration. Amazon Web Services is recovering from a service outage that affected its own services and dozens of its clients on Monday including websites of the British government. The cloud computing giant – the world’s largest – blamed a domain name system misconfiguration. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/aws-partially-restores-service-affected-by-global-outage-a-29763
-
Massive AWS Outage Halt The Internet Disrupting Snapchat, Prime Video, Canva, and More
A catastrophic Amazon Web Services (AWS) outage struck on October 20, 2025, bringing down major platforms like Snapchat, Amazon Prime Video, and Canva, and revealing the internet’s dangerous dependence on a single cloud provider. Starting at 12:11 a.m. PDT (12:41 p.m. IST), a DNS resolution failure in AWS’s US-East-1 region in Northern Virginia triggered widespread…
-
AWS Partially Restores Service Impacted in Global Outage
Cloud Giant Blames DNS Misconfiguration. Amazon Web Services is recovering from a service outage that impacted its own services and dozens of its clients on Monday including websites of the British government. The cloud computing giant – the world’s largest – blamed a domain name system misconfiguration. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/aws-partially-restores-service-impacted-in-global-outage-a-29763
-
Major AWS outage across US-East region breaks half the internet
Amazon reports DNS issues hitting DynamoDB, leaving services from Roblox to McDonald’s struggling First seen on theregister.com Jump to article: www.theregister.com/2025/10/20/amazon_aws_outage/
-
What the Huge AWS Outage Reveals About the Internet
Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web”, and highlighting a longstanding weakness in the internet’s infrastructure. First seen on wired.com Jump to article: www.wired.com/story/what-that-huge-aws-outage-reveals-about-the-internet/
-
Amazon DNS outage breaks much of the internet
The outage affected websites like Coinbase and Fortnite, and disrupted services like Signal, Zoom and Amazon’s own products, including Ring. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/20/amazon-dns-outage-breaks-much-of-the-internet/
-
DNS0 ist abgeschaltet. Ein Rückblick auf das kurze Leben des EU-finanzierten DNS-Resolvers.
Tags: dnsDNS0 ist Geschichte. Betreiber war eine französische Non-Profit-Organisation, 2022 gegründet von Romain”¯Cointepas und Olivier”¯Poitrey. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/dns0-ist-abgeschaltet-ein-rueckblick-auf-das-kurze-leben-des-eu-finanzierten-dns-resolvers-321955.html
-
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader
Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windowsSummary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
AdGuard und Pi-hole per Smartphone verwalten
Tags: dnsAdGuard und Pi-hole per Smartphone verwalten. So steuerst du deine Blocklisten und DNS-Einstellungen mobil, sicher und bequem mit den Apps! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/adguard-und-pi-hole-per-smartphone-verwalten-321726.html
-
Datenleck bei SonicWall betrifft alle CloudKunden
Tags: backup, cloud, cyberattack, data-breach, dns, encryption, firewall, intelligence, Internet, ransomware, risk, security-incident, threat, updateDer Sicherheitsvorfall bei SonicWall ist umfangreicher als bisher angenommen.Am 17. September gab der Security-Anbieter SonicWall bekannt, dass Cyberkriminelle Backup-Dateien entwendet hätten, die für die Cloud-Sicherung konfiguriert waren. Damals behauptete das Unternehmen, der Vorfall sei auf “weniger als fünf Prozent” der Kunden beschränkt. Nun muss der Firewall-Anbieter einräumen, dass “alle Kunden”, die die MySonicWall-Cloud-Backup-Funktion nutzten, von…
-
Datenleck bei SonicWall betrifft alle CloudKunden
Tags: backup, cloud, cyberattack, data-breach, dns, encryption, firewall, intelligence, Internet, ransomware, risk, security-incident, threat, updateDer Sicherheitsvorfall bei SonicWall ist umfangreicher als bisher angenommen.Am 17. September gab der Security-Anbieter SonicWall bekannt, dass Cyberkriminelle Backup-Dateien entwendet hätten, die für die Cloud-Sicherung konfiguriert waren. Damals behauptete das Unternehmen, der Vorfall sei auf “weniger als fünf Prozent” der Kunden beschränkt. Nun muss der Firewall-Anbieter einräumen, dass “alle Kunden”, die die MySonicWall-Cloud-Backup-Funktion nutzten, von…
-
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS
Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windowsSummary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
-
KI knackt DNS-Sicherheitssysteme gegen Biowaffen
Forscher zeigen, wie künstliche Intelligenz Schutzmaßnahmen gegen die Entwicklung von Biowaffen und Giften umgehen könnte. First seen on golem.de Jump to article: www.golem.de/news/microsoft-ki-knackt-dns-sicherheitssysteme-gegen-biowaffen-2510-200792.html
-
Detour Dog und die DNS-TXT-Kommunikation eine neue Dimension der Malware-Verteilung
Die Malware-Kampagne von Detour Dog ist schon lange aktiv. In WordPress-Blogs bettete man dafür ein ausgeklügeltes JavaScript ein. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/detour-dog-und-die-dns-txt-kommunikation-eine-neue-dimension-der-malware-verteilung-321394.html
-
New Smish: New York Department of Revenue
As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
-
Dynamic DNS Abuse Helps Threat Actors Evade Detection and Persist
Threat actors exploit Dynamic DNS for resilient C2 networks. Learn why DDNS abuse matters and how defenders can respond. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/dns-abuse-fuels-cyber-attacks/