Collaborate Disseminate
I keep setting my DNS on a Mac to 1.1.1.1 and 8.8.8.8 and ATT keeps changing it back to theirs. On my Mac!
How is this possible? and how can I prevent it?
Continue reading how to stop my ISP from changing my computer DNS setting
I’m learning about X509 certs used in client-cert authentication to https endpoints. I have a nice Python script that checks many facets of the client-cert.
Is there any validation that can be performed from a reverse DNS lookup on the cli… Continue reading What client-cert validation can be gleaned from DNS/reverse DNS lookup?
It’s not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it’s the reason I didn’t have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after malicious code was inserted into a software patch that was downloaded by the companies and agencies. The installation of the patch executed malicious code, called SUNBURST, which created an entry point for other malicious codes (TEARDROP/RAINDROP). These additional codes were used to allow attackers to move laterally within the network and exfiltrate sensitive customer information to a public command and control server. Continue reading SolarWinds Hack and the Case of DNS Security
It’s not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it’s the reason I didn’t have a smoother transition back into work-life following a long vacation. As I un… Continue reading SolarWinds Hack and the Case of DNS Security
I work at a company that provides a SaaS program for other organizations, and each subscribed organization receives their own subdomain of their choosing – generally they choose the organization name. We recently discovered that there are … Continue reading Rate Limit DNS Subdomain Requests
Phishing continues to be a major attack vector, and it’s surprising just how many security incidents and breaches start with an employee clicking on a link in a carefully crafted phishing email (and sometimes doing the same with a not-so-well crafted phishing email — see this example). Continue reading Phishing: Holiday Season Attacks on the Rise
All’s well that ends well. Continue reading Perl.com gets its domain back – normal service restored!
it’s the old way
android.provider.Settings.System.putString(getContentResolver(), android.provider.Settings.System.WIFI_USE_STATIC_IP, "0");
android.provider.Settings.System.putString(getContentResolver(), android.provider.Settin… Continue reading how to change dns adrress via an infected android app
GitHub Pages allows to set up a public page under <user>.github.io that can optionally be customized with a personal domain. In order to do so:
GitHub must be set up to recognize that an incoming call referred to by a non-GitHub dom… Continue reading How is a DNS wildcard a security issue for GitHub Pages?
A long-running domain supporting the popular programming language Perl has suddenly vanished. We don’t yet know how or why. Continue reading The mystery of the missing Perl website