How does DNS-01 validation for LetsEncrypt know what the right IP address is?

For my personal use, I bought a domain for internal SSL validation for my pfsense. I was able to get the LetsEncrypt’s ACME script to successfully validate my domain and produce an SSL certificate for a subdomain. I set up my pfsense to use…

Healthcare suffering from DNS attacks more than other industries

The healthcare industry experienced devastating effects from DNS attacks during the COVID-19 pandemic, more so than other industries, a report from EfficientIP and IDC shows. The report shows that the average cost per attack in healthcare increased to …

The Threat That Never Went Away Is Back (with a Vengeance)

What is your recollection of May 2017? Emmanuel Macron won the French election. The Ringling Bros. and Barnum & Bailey Circus gave its final performance after a 146-year run. The U.S. FCC voted to overturn net neutrality rules. And the National Health Service in the United Kingdom was crippled by a massive ransomware attack that ended up costing over $120 million.

Corelight Sensors detect the ChaChi RAT

By Paul Dokas, Keith Jones, Anthony Kasza, Yacin Nadji, & Vern Paxson – Corelight Labs Team

Recently BlackBerry analyzed a new GoLang Remote Access Trojan (RAT) named “ChaChi.” This sample was interesting in that it tunnels information over DNS as …

Are purchased domains from third party registrar or hosting managers without Cpanels or VPS or Editable Pages hackable?

If someone buys a domain and one may type the URL in but just sees a template page from the registrar but doesn’t purchase a cPanel or VPS or root access or any way to edit the website, does the domain or website managed by a domain seller…

Preventing security issues from destroying the promise of IoT

Internet of Things (IoT) devices fall into various categories. Some, such as those located in a hospital setting, are very sophisticated, with advanced operating systems and encryption and certificate capabilities built in. Other examples of note are R…

Does subdomain DNS cache poisoning depend on the authoritative name server ignoring requests for non-existing domains?

I’m reading "Introduction to Computer Security", Pearson New International Edition, 1st edition, by Goodrich and Tamassia.
On the subject of DNS cache poisoning, they mention that a "new" attack was discovered in 2008, …