Home Tags Domain Name System

Tag: Domain Name System

Honeypots and the Internet of Things

According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.

It’s 2017 and someone’s probably still using WINS naming. If so,...

Microsoft's NetBIOS naming is vulnerable: use DNS instead Sysadmins should already have purged WINS from their Microsoft Windows Server environments – but if they haven't, there's a new reason to take it for one last walk out behind the shed.…

DNS Is Still the Achilles’ Heel of the Internet

Domain Name Services is too important to do without, so we better make sure it's reliable and incorruptible

Kubernetes foundation takes on container networking

 (CNCF), which seeks to drive large-scale cloud computing with an emphasis on containers and microservices, has just added the Container Network Interface (CNI) project to its fold.The project joins others hosted by the nonprofit foundation, including the Kuberrnetes container orchestration platformnbsp;and CoreDNS DNS server.

CNI had been a GitHub open source project.
It features a specification and libraries to write plugins for configuring networking interfaces in Linux containers.[ To the cloud! Real-world container migrations. | Dig into the the red-hot open source framework in InfoWorldrsquo;s beginnerrsquo;s guide to Docker. ]The foundationrsquo;s adoption of CNI is meant to increase its focus on network connectivity of containers and the removal of allocated sources when the container is deleted. “The idea [is] that CNI is a standard way of being able to use different networking technologies,” said Dan Kohn, the foundationrsquo;s executive director.To read this article in full or to leave a comment, please click here

Mirai DNS Water Torture finance sector attack dominated Q1: Akamai

The vendor's first quarter threat report has found Mirai DNS Water Torture Attacks, a DNS query flood included in Mirai malware, targeted its customers in the financial services industry.

Taiwan government to block Google’s public DNS in favor of HiNet’s

Claims it's for cybersecurity – but whose security exactly? The Taiwanese government intends to block Google's public DNS service, citing cybersecurity concerns.…

Oracle rethinks modular Java plan after Red Hat’s objections

Oracle's chief Java architect has proposed tweaks to Java's modular plan.

The revisions were said to be not in response to recent objections by Red Hat and IBM, but they do appear to address one of the concerns.In a post to an openjdk mailing list o...

Use of DNS Tunneling for C&C Communications

Often, virus writers don't even bother to run encryption or mask their communications. However, you do get the occasional off-the-wall approaches that don't fall into either of the categories.

Take, for instance, the case of a Trojan that Kaspersky Lab researchers discovered in mid-March and which establishes a DNS tunnel for communication with the C&C server.

DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seem to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game.

As attackers expand their arsenal of reflection methods to target CLDAP ...

​Melbourne IT confirms DDoS attack behind DNS outage

Melbourne IT has said its DNS outage on Thursday was the result of a large distributed denial-of-service attack.

Forget the Tax Man: Time for a DNS Security Audit

Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.

DNS record will help prevent unauthorized SSL certificates

In a few months, publicly trusted certificate authorities will have to start honoring a special Domain Name System (DNS) record that allows domain owners to specify who is allowed to issue SSL certificates for their domains.The Certification Authority Authorization (CAA) DNS record became a standard in 2013 but didn't have much of a real-world impact because certificate authorities (CAs) were under no obligation to conform to them.[ Expand your security career horizons with these essential certifications for smart security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ]The record allows a domain owner to list the CAs that are allowed to issue SSL/TLS certificates for that domain.

The reason for this is to limit cases of unauthorized certificate issuance, which can be accidental or intentional, if a CA is compromised or has a rogue employee.To read this article in full or to leave a comment, please click here