Facebook — along with Instagram and WhatsApp — went down globally today. Basically, someone deleted their BGP records, which made their DNS fall apart. …at approximately 11:39 a.m. ET today (15:39 UTC), someone at Facebook caused an update to be made to the company’s Border Gateway Protocol (BGP) records. BGP is a mechanism by which … Read More “Facebook Is Down” »
Category: dns
Auto Added by WPeMatico
A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as “namespace collision,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on … Read More “Microsoft Buys Corp.com” »
This is good news: Whenever you visit a website — even if it’s HTTPS enabled — the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can’t be intercepted or hijacked in order to send a user … Read More “Firefox Enables DNS over HTTPS” »
DNS hijacking isn’t new, but this seems to be an attack of unprecedented scale: Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the process, they went so far as to compromise … Read More “New DNS Hijacking Attacks” »
At the end of January, the US Department of Homeland Security issued a warning regarding serious DNS hijacking attempts against US government domains. Brian Krebs wrote an excellent article detailing the attacks and their implications. Strongly recommended. Powered by WPeMatico
This is worrisome: DDoS vandals have long intensified their attacks by sending a small number of specially designed data packets to publicly available services. The services then unwittingly respond by sending a much larger number of unwanted packets to a target. The best known vectors for these DDoS amplification attacks are poorly secured domain name … Read More “New DDoS Reflection-Attack Variant” »
Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the outages, and the vulnerabilities that made the attack possible, was as much a failure of market and policy as it was of technology. If we want to secure our increasingly … Read More “Regulation of the Internet of Things” »
Both Kaspersky and Symantec have uncovered another piece of malware that seems to be a government design: The malware — known alternatively as “ProjectSauron” by researchers from Kaspersky Lab and “Remsec” by their counterparts from Symantec — has been active since at least 2011 and has been discovered on 30 or so targets. Its ability … Read More “Yet Another Government-Sponsored Malware” »