DNS requests – WindowsTechs.com

DHS prepares emergency order to prevent DNS hijacking

Posted on January 22, 2019 by Sean Lyngaas

The Department of Homeland Security is preparing to issue a rare “emergency” directive ordering federal civilian agencies to secure the login credentials for their internet domain records, according to government officials familiar with the matter. DHS is expected to issue the order as soon as Tuesday, officials said, out of concern that federal agencies could be vulnerable to cyberattacks intended to gain access to the platforms used to manage domain name system (DNS) records. The DNS system, dubbed the “phone book of the internet,” translates a domain name to a valid IP address, sending a user to the website they are trying to access. Once compromised, a DNS server or registrar account can be used to redirect users to a malware-laden website. There are at least six civilian agency domains that have been affected by malicious DNS activity, according to people familiar with the matter. The emergency directive, which carries more urgency than DHS’s more-common Binding Operational […]

The post DHS prepares emergency order to prevent DNS hijacking appeared first on CyberScoop.

Continue reading DHS prepares emergency order to prevent DNS hijacking→

Microsoft Patches Critical Windows DNS Client Vulnerabilities

Posted on October 10, 2017 by Michael Mimoso

Microsoft patched three memory corruption vulnerabilities in the Windows DNS client that could be abused by a man-in-the-middle attacker to run arbitrary code. Continue reading Microsoft Patches Critical Windows DNS Client Vulnerabilities→

Attackers Backdoor Another Software Update Mechanism

Posted on August 15, 2017 by Michael Mimoso

Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
Continue reading Attackers Backdoor Another Software Update Mechanism→

Russian bank threatens researcher with CFAA suit over DNS request data

Posted on March 21, 2017 by Greg Otto

A Russian bank under investigation for possible ties to the Trump Organization has threatened at least one security researcher with a lawsuit over the dissemination of data that point to a server connection between the bank and the company. In a document obtained by CyberScoop, Alfa Bank sent Indiana University computer researcher L. Jean Camp a notice that it’s pursuing “all available options” after Camp’s research suggested the bank engaged in some form of communication with the Trump Organization. Washington-based law firm Kirkland & Ellis sent the letter on the bank’s behalf on March 17. Among the options listed is litigation under the Computer Fraud and Abuse Act’s civil action provision, which allows companies to sue for damages in the event of unauthorized computer access. Foreign entities can bring cases to U.S. federal courts under a CFAA provision that allows private causes of action. Camp’s research has pointed to Alfa Bank’s servers making […]

The post Russian bank threatens researcher with CFAA suit over DNS request data appeared first on Cyberscoop.

Continue reading Russian bank threatens researcher with CFAA suit over DNS request data→