Tag: dns
-
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise of seemingly useful applications. These apps masquerade as VPNs, device “monitoring” apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in…
-
China’s botched Great Firewall upgrade invites attacks on its censorship infrastructure
Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers. First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/china_great_firewall_quic_security_flaws/
-
ToolShell under siege: Check Point analyzes Chinese APT Storm-2603
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campaign exploiting four Microsoft SharePoint flaws, linking it to China-nexus groups APT27, APT31, and a new cluster, Storm-2603. The researchers pointed out that Storm-2603’s goals remain…
-
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and AK47DNS,…
-
Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack
Tags: access, ai, attack, cvss, cyberattack, cybersecurity, detection, dns, flaw, malicious, malware, network, rat, sap, update, vulnerability, zero-trust
The attack stopped in its tracks: Darktrace analysts detected the suspicious ELF download and a flurry of odd DNS and SSL connections to known malicious infrastructure. The British cybersecurity outfit claims its “Autonomous Response” intervened within minutes, restricting the device to its usual, legitimate activities while analysts investigated unusual behavior. Darktrace researchers said the malware stalled…
-
NIS2 Implementation Act: Management Liable with Private Assets
Tags: bsi, cloud, computing, cyersecurity, dns, dora, germany, governance, kritis, monitoring, nis-2, risk, risk-management, vulnerability
NIS2 failures can be costly, not only for the company but also for management personally. Given the ever-worsening cyber threat situation (not only in Germany), the European legislator has dealt intensively with the topic of IT security in recent years. In January 2023, three laws in this context entered into force at once: the NIS2 Directive, the CER Directive, and DORA. While DORA, as a regulation…
-
Security Tools Outwitted: Hackers Hide Malicious Code in DNS Records
For years, attackers have been splitting malware into small fragments and embedding them in DNS records in order to reassemble them on a target system. First seen on golem.de Jump to article: www.golem.de/news/sicherheitstools-ausgetrickst-hacker-verstecken-schadcode-in-dns-eintraegen-2507-198191.html
-
BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
The Internet Systems Consortium (ISC) has disclosed two critical security vulnerabilities in BIND 9, one of the most widely used DNS software implementations worldwide. Published on July 16, 2025, these vulnerabilities could allow attackers to poison DNS caches and disrupt DNS resolution services, potentially affecting millions of internet users and organizations globally. Critical Security Flaws…
-
Hackers Abuse DNS Blind Spots to Stealthily Deliver Malware
Tags: cyber, cybersecurity, dns, exploit, hacker, infrastructure, Internet, malicious, malware, threat
Cybersecurity researchers have uncovered a sophisticated technique where threat actors are exploiting DNS infrastructure to covertly store and distribute malware, turning the internet’s domain name system into an unwitting accomplice for malicious activities. The discovery reveals how attackers can hide executable files within DNS TXT records, creating a stealthy delivery mechanism that bypasses traditional security…
-
Hackers Are Finding New Ways to Hide Malware in DNS Records
Newly published research shows that the domain name system, a fundamental part of the web, can be exploited to hide malicious code and prompt injection attacks against chatbots. First seen on wired.com Jump to article: www.wired.com/story/dns-records-hidden-malicious-code/
-
Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. This sophisticated technique, known as DNS tunneling, transforms the internet’s essential “phonebook
-
Security Tools Tricked: Hackers Hide Malicious Code in DNS Records
For years, attackers have been splitting malware into small fragments and embedding them in DNS records in order to reassemble them on a target system. First seen on golem.de Jump to article: www.golem.de/news/sicherheitstools-ausgetrickst-hacker-verstecken-schadcode-in-dns-eintraegen-2507-198191.html
-
Cloudflare Confirms BGP Hijack Behind 1.1.1.1 DNS Disruption
Cloudflare has revealed that a 62-minute global outage of its popular 1.1.1.1 DNS resolver service on July 14, 2025, was caused by an internal configuration error rather than an external attack, though the incident coincided with an unrelated BGP hijack that complicated the situation. The outage, which lasted from 21:52 UTC to 22:54 UTC, affected…
-
Elite ‘Matanbuchus 3.0’ Loader Spruces Up Ransomware Infections
An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections
-
Hackers exploit a blind spot by hiding malware inside DNS records
Technique transforms the Internet DNS into an unconventional file storage system. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/
-
DNS over HTTPS on Windows: How to Do It Easily
Our DoH Windows guide: finally more privacy without a VPN, explained and carried out step by step in just a few minutes. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/dns-over-https-windows-so-gehts-ganz-einfach-317575.html
-
Real-Time Monitoring of DNS Assets in Multicloud Environments – DNS Posture Management Against DNS-Based Attacks
First seen on security-insider.de Jump to article: www.security-insider.de/dns-posture-management-gegen-dns-basierte-angriffe-a-a0c8723ed607bdcbe1097548686b3e12/
-
DNS issue blocks delivery of Exchange Online OTP codes
Microsoft is working to fix a DNS misconfiguration that is causing one-time passcode (OTP) message delivery failures in Exchange Online for some users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-links-dns-issue-to-exchange-online-otp-delivery-failures/
-
Bypassing DNS Blocks: Firefox in June 2025
Bypassing DNS blocks in Firefox. How to set up DNS over HTTPS, protect your privacy and browse without censorship. As of June 2025. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/dns-sperren-umgehen-firefox-im-juni-2025-317053.html
-
Black Hat SEO Poisoning Search Engine Results For AI to Distribute Malware
Introduction: Zscaler ThreatLabz researchers recently uncovered AI-themed websites designed to spread malware. The threat actors behind these attacks are exploiting the popularity of AI tools like ChatGPT and Luma AI. These websites are utilizing platforms such as WordPress and are designed to poison search engine rankings and increase the probability of unsuspecting users landing on these…
-
NCSC Warns of SHOE RACK Malware Targeting Fortinet Firewalls via DOH SSH Protocols
The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet firewalls and other perimeter devices. Developed using the Go 1.18 programming language, this malicious software demonstrates a high level of sophistication by leveraging DNS-over-HTTPS (DoH) for command and control (C2)…
-
Bypassing DNS Blocks in Brave and Google Chrome in No Time
Anyone who wants to browse freely and get around all restrictions imposed by web blocks now gets a guide for Google Chrome and Brave. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/dns-sperren-umgehen-bei-brave-und-google-chrome-im-handumdrehen-316914.html
-
Uncovering the Technique of Hiding Images in DNS TXT Entries
A curious technique has emerged: hiding images inside DNS TXT records. This approach, which at first glance seems unorthodox, leverages the flexibility of DNS TXT records to store arbitrary data, including the binary data that makes up an image. The method has gained attention among tech enthusiasts and security researchers, sparking discussions on platforms like Reddit…
-
DNS Rebind Protection Revisited
After this week’s attention to META and Yandex localhost abuses, it is time to revisit a core feature/option of protective DNS that offers a feel-good moment to those that applied this safety technique long before this abuse report came about. The in-depth report that triggered this is: Disclosure: Covert Web-to-App Tracking via Localhost on Android.…
-
Technitium DNS: The Insider Tip Among Ad Blockers
Tags: dns
Technitium DNS as an ad blocker: how to block ads and tracking at the DNS level. More speed, better privacy and more control? Yes, three times over! First seen on tarnkappe.info Jump to article: tarnkappe.info/test/technitium-dns-der-geheimtipp-unter-den-adblockern-316424.html
-
Why DNS Security Is Your First Defense Against Cyber Attacks?
In today’s cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, one critical layer often goes overlooked: the Domain Name System (DNS). As the starting point of nearly every online interaction, DNS is not only foundational – it’s increasingly a target. When left unsecured,…
-
CoreDNS Vulnerability Allows Attackers to Exhaust Server Memory via Amplification Attack
A high-severity vulnerability (CVE-2025-47950) in CoreDNS’s DNS-over-QUIC (DoQ) implementation enables remote attackers to crash DNS servers through stream amplification attacks. Patched in v1.21.2, this flaw highlights risks in modern protocol adoption for cloud-native systems. Goroutine Proliferation in DoQ Implementation: The vulnerability stems from CoreDNS’s handling of QUIC streams in its server_quic.go component. For every incoming…
-
DNS4EU: DNS for EU Citizens Goes Online
Initial tests show that the new Europe-hosted DNS can keep up with Google and Cloudflare. There are options with a child-protection filter. First seen on golem.de Jump to article: www.golem.de/news/dns4eu-dns-fuer-eu-buerger-geht-online-2506-197010.html

