Collaborate Disseminate
Today I was visiting a website, using HTTPS obviously, that firefox gave me a certificate error and said that the certificate did not match the website’s information.
After a bit of investigation, it seems to me that my DNS provider is pro… Continue reading Can your ISP pull off a man-in-the-middle attack over unencrypted DNS?
A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer’s computer systems.
Read more in my article on the Tripwire State of Security blog. Continue reading IT admin admits sabotaging ex-employer’s network in bid for higher salary
Is there a way I can add DNS over HTTPS details to Windows settings before it makes the first connection to the Internet during installation? I’m using the latest version of Windows 11.
Either by pressing Shift + F10 during boot process wh… Continue reading How can I add secure DNS (DoH) to Windows settings before Windows makes any connections to the Internet during installation? [migrated]
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by attackers. About CVE-2022-37969 CVE-2022-37969 is an elevation of privilege vulnera… Continue reading Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
We have an spf record and when I do a check on it, it shows strange characters on the end. When I do the check on mxtoolbox, every test is passed. When I do a check on dmarcly I get a warning bad syntax and on powerddmarc I get a warning a… Continue reading Spf record with bad syntax [closed]
Akamai’s security research team examined potentially compromised devices, discovering that 12.3% communicated with domains associated with malware or ransomware during Q2 2022. This Help Net Security video uncovers how malicious DNS traffic affects peo… Continue reading Malicious DNS traffic targets corporate and personal devices
I’m trying to implement a toy project DNSSEC supported DNS resolver to learn about both DNS and DNSSEC.
Most of my implementation are finished. But for some domains it’s not working correctly, and I noticed some differences when comparing … Continue reading How to properly handle DNSKEY delegation across DNS zones?
Today I received an SMS
AusPost: Your package address is incorrect and delivery failed, please
update address information via the link.
https://auspost.requestupdate.com
If I do a whois auspost.requestupdate.com by https://www.whois.com… Continue reading Are brand-new DNS registrations an easy way to detect phishing?
I have an SPF record that has too many DNS lookups. Consequence is some mail servers will silently drop emails; RFC7028 says that over 10 lookups:
SPF implementations MUST limit the total number of those terms to 10 during SPF evaluation… Continue reading Flattening an SPF record – drawbacks and downsides?
So I noticed recently that despite iOS settings saying all DNS queries go through iCloud Private Relay’s DNS servers, despite Private Relay using Oblivious DNS over HTTPS, and even despite dnsleaktest.com (and others) showing nothing but C… Continue reading Is iCloud Private Relay leaking my DNS queries to my ISP?