‘Sitting Ducks’ Attacks Create Hijacking Threat for Domain Name Owners

August 1, 2024 at 05:28PM Russian cybercriminals are exploiting weaknesses in the Domain Name System (DNS) with the “Sitting Ducks” attack, allowing them to gain unauthorized access to domains for malicious activities like malware delivery and data exfiltration. Researchers estimate over 1 million vulnerable domains daily, emphasizing the need for domain owners to evaluate and …

Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique

August 1, 2024 at 11:00AM A powerful Sitting Ducks attack, exploiting DNS weaknesses, allows malicious actors to stealthily hijack over a million susceptible domains, serving malware and engaging in spam. The attack, more likely to succeed and harder to detect than other hijacking methods, has been utilized by Russian-nexus cybercriminals, posing a significant threat to …

DNS Tunneling Abuse Expands to Tracking & Scanning Victims

May 14, 2024 at 10:07AM Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver …

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks

May 14, 2024 at 08:35AM Threat actors are using DNS tunneling to track email delivery and victim interaction with malicious domains, scan networks, and perform reflection attacks. Palo Alto Networks has identified three campaigns employing this technique, tracking over 700 victims with 75 IP addresses resolving 658 domains. Organizations should update resolver software to mitigate …

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers

February 14, 2024 at 08:03AM A new DNS vulnerability, named KeyTrap or CVE-2023-50387, has been discovered by researchers. The flaw in DNSSEC could potentially allow attackers to disrupt large parts of the internet using a single specially crafted DNS packet. While patches are being released, prevention may require changes to the underlying DNSSEC design. The …