DNS

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)

BIND, BSI, DNS, Don't miss, Hot stuff, News, PoC, vulnerability /

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) 2025-10-28 at 19:27 By Zeljka Zorz A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to redirect Internet traffic to potentially malicious sites, distribute malware, or intercept network […]

React to this headline:

Loading spinner

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) Read More »

BIND Updates Address High-Severity Cache Poisoning Flaws

BIND, cache poisoning, DNS, DoS, Vulnerabilities, vulnerability /

BIND Updates Address High-Severity Cache Poisoning Flaws 2025-10-23 at 13:31 By Ionut Arghire The vulnerabilities allow attackers to predict source ports and query IDs BIND will use, and to inject forged records into the cache. The post BIND Updates Address High-Severity Cache Poisoning Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

BIND Updates Address High-Severity Cache Poisoning Flaws Read More »

Why DNS threats should be on every CISO’s radar in 2025

attacks, CISO, cybersecurity, DNS, Infoblox, News, report, threats /

Why DNS threats should be on every CISO’s radar in 2025 2025-08-12 at 07:32 By Sinisa Markovic DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are feeling the pressure. The report shows that DNS is being used

React to this headline:

Loading spinner

Why DNS threats should be on every CISO’s radar in 2025 Read More »

EU launches EU-based, privacy-focused DNS resolution service

content filtering, DNS, Don't miss, ENISA, EU, Hot stuff, News, Privacy, Whalebone /

EU launches EU-based, privacy-focused DNS resolution service 2025-06-09 at 17:38 By Zeljka Zorz DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality. What is DNS? The Domain Name System (DNS) “translates” human-readable domain names into IP addresses and back, and is essential for accessing websites. Most users use

React to this headline:

Loading spinner

EU launches EU-based, privacy-focused DNS resolution service Read More »

DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks

DNS, Network Security, Uncategorized /

DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks 2025-04-08 at 18:04 By Danelle Au While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks. The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on SecurityWeek.

React to this headline:

Loading spinner

DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks Read More »

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

CISA, DNS, fast flux, guidance, Malware & Threats /

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations 2025-04-04 at 15:29 By Ionut Arghire US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. The post US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server

React to this headline:

Loading spinner

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations Read More »

UK NCSC offers security guidance for domain and DNS registrars

DNS, domain registration, Don't miss, guidelines, Hot stuff, NCSC, News /

UK NCSC offers security guidance for domain and DNS registrars 2025-03-27 at 16:48 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. “DNS registrars have an important role to help counter domain abuses throughout their lifecycle,” the NCSC says.

React to this headline:

Loading spinner

UK NCSC offers security guidance for domain and DNS registrars Read More »

ExtensionHound: Open-source tool for Chrome extension DNS forensics

Chrome, computer forensics, DNS, Don't miss, GitHub, News, open source, software /

ExtensionHound: Open-source tool for Chrome extension DNS forensics 2025-01-30 at 07:03 By Mirko Zorz Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions. ExtensionHound

React to this headline:

Loading spinner

ExtensionHound: Open-source tool for Chrome extension DNS forensics Read More »

Safeguarding the DNS through registries

cybersecurity, DNS, Don't miss, Hot stuff, Identity Digital, Video /

Safeguarding the DNS through registries 2024-11-20 at 07:16 By Help Net Security The integrity of our online ecosystem heavily relies on domain registries, which serve as the foundation for secure and trusted digital experiences. However, threats like Domain Name System (DNS) abuse– manifesting as phishing, malware, and botnets – jeopardize this security. Such abuses harm

React to this headline:

Loading spinner

Safeguarding the DNS through registries Read More »

Cybercriminals hijack DNS to build stealth attack networks

attacks, cybercrime, DNS, hijacking, Infoblox, News, report /

Cybercriminals hijack DNS to build stealth attack networks 2024-11-15 at 16:05 By Help Net Security Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and the risk to organizations are

React to this headline:

Loading spinner

Cybercriminals hijack DNS to build stealth attack networks Read More »

Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning

China APT, DNS, Malware & Threats, StormBamboo /

Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning 2024-08-05 at 16:47 By Eduard Kovacs Chinese group StormBamboo spotted delivering Windows and macOS malware by compromising an ISP and using DNS poisoning. The post Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning Read More »

Chinese hackers compromised an ISP to deliver malicious software updates

APT, cyber espionage, DNS, Don't miss, ESET, Hot stuff, ISP, Malware, News, supply chain compromise, Symantec, Volexity /

Chinese hackers compromised an ISP to deliver malicious software updates 2024-08-05 at 13:46 By Zeljka Zorz APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat

React to this headline:

Loading spinner

Chinese hackers compromised an ISP to deliver malicious software updates Read More »

Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks

cybercrime, DNS, domain, hijacking /

Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks 2024-08-02 at 12:01 By Ionut Arghire Threat actors have hijacked over 35,000 domains in five years because DNS providers fail to properly verify domain ownership. The post Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks Read More »

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements

BIND, DNS, DNSSEC, Don't miss, networking, News, open source /

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements 2024-07-25 at 10:01 By Help Net Security BIND (Berkeley Internet Name Domain) is an open-source DNS software system with an authoritative server, a recursive resolver, and related utilities. BIND 9.20, a stable branch suitable for production use, has been released. According to the current software release

React to this headline:

Loading spinner

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements Read More »

Hackers Exploit Flaw in Squarespace Migration to Hijack Domains

cybercrime, DNS, hijacking, Squarespace /

Hackers Exploit Flaw in Squarespace Migration to Hijack Domains 2024-07-16 at 15:02 By Ionut Arghire Hackers exploited a flaw to hijack cryptocurrency domains that were migrated from Google Domains to Squarespace. The post Hackers Exploit Flaw in Squarespace Migration to Hijack Domains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Hackers Exploit Flaw in Squarespace Migration to Hijack Domains Read More »

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks

DNS, Malware, Malware & Threats /

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks 2024-05-14 at 15:31 By Ionut Arghire Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures. The post Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks Read More »

Ethereum Name Service founder reveals Vitalik Buterin’s fateful grant intervention

DNS, ENS, Ethereum price, Vitalik Buterin /

Ethereum Name Service founder reveals Vitalik Buterin’s fateful grant intervention 2024-03-19 at 13:01 By Cointelegraph by Gareth Jenkinson Ethereum co-founder Vitalik Buterin played a pivotal role in making the development of the Ethereum Naming Service possible. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

Ethereum Name Service founder reveals Vitalik Buterin’s fateful grant intervention Read More »

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers

DNS, KeyTrap, Vulnerabilities /

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers 2024-02-14 at 15:01 By Eduard Kovacs Patches released for a new DNSSEC vulnerability named KeyTrap, described as the worst DNS attack ever discovered.   The post KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers Read More »

PolarDNS: Open-source DNS server tailored for security evaluations

cybersecurity, DNS, Don't miss, GitHub, News, open source, Oryxlabs, software /

PolarDNS: Open-source DNS server tailored for security evaluations 21/11/2023 at 08:36 By Mirko Zorz PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with PolarDNS? PolarDNS can be used for testing of: DNS resolvers (server-side) DNS clients DNS

React to this headline:

Loading spinner

PolarDNS: Open-source DNS server tailored for security evaluations Read More »

The 3 key stages of ransomware attacks and useful indicators of compromise

attacks, cybersecurity, data, DNS, Don't miss, Email, Encryption, Expert analysis, Expert corner, Gurucul, hacker, Hot stuff, network, News, opinion, phishing, Ransomware, servers, SOC /

The 3 key stages of ransomware attacks and useful indicators of compromise 08/11/2023 at 09:02 By Help Net Security For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. In this article, we

React to this headline:

Loading spinner

The 3 key stages of ransomware attacks and useful indicators of compromise Read More »

Scroll to Top