Home Tags Domain Name

Tag: Domain Name

5 weeks after Wcry outbreak, NSA-derived worm shuts down a Honda...

Automaker briefly stops making cars to contain worm that first struck in May.

Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.

As further research demonstrated, this was just part of a bigger story that began much earlier and is unlikely to end any time soon.

50 hashes per hour

In this research we'll be revisiting the USB port – this time in attempts to intercept user authentication data on the system that a microcomputer is connected to.

As we discovered, this type of attack successfully allows an intruder to retrieve user authentication data – even when the targeted system is locked.

DNS Is Still the Achilles’ Heel of the Internet

Domain Name Services is too important to do without, so we better make sure it's reliable and incorruptible

Comcast vendor sent cease-and-desist to operator of anti-Comcast website

Net neutrality website stays online as Comcast agrees to take no further action.

Virulent WCry ransomware worm may have North Korea’s fingerprints on it

Identical code ties Fridayrsquo;s attacks to hacks on Sony Pictures and $1bn bank heist.

DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seem to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game.

As attackers expand their arsenal of reflection methods to target CLDAP ...

DNS record will help prevent unauthorized SSL certificates

In a few months, publicly trusted certificate authorities will have to start honoring a special Domain Name System (DNS) record that allows domain owners to specify who is allowed to issue SSL certificates for their domains.The Certification Authority Authorization (CAA) DNS record became a standard in 2013 but didn't have much of a real-world impact because certificate authorities (CAs) were under no obligation to conform to them.[ Expand your security career horizons with these essential certifications for smart security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ]The record allows a domain owner to list the CAs that are allowed to issue SSL/TLS certificates for that domain.

The reason for this is to limit cases of unauthorized certificate issuance, which can be accidental or intentional, if a CA is compromised or has a rogue employee.To read this article in full or to leave a comment, please click here

Clean up your DNS act or get pwned like this bank

An organization’s domain name may be its most important asset, and losing control over it affects more than its website.

For a large Brazilian bank, a domain hijacking operation last fall resulted in attackers stealing payment card data, taking over customer accounts, and infecting customers with malware.While the actual bank heist began on Oct. 22, 2016, at around 1 p.m., the preparations for the attack were underway at least five months in advance, said Kaspersky Lab researchers Fabio Assolini and Dmitry Bestuzhev at last week’s Security Analyst Summit.

The sophisticated cybercrime group gained access to the bank’s domain registrar and modified the Domain Name System (DNS) records for the bank’s all 36 online properties.To read this article in full or to leave a comment, please click here

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs...

Chrome to immediately stop recognizing EV status and gradually nullify all certs.

DNS lookups can reveal every web page you visit, says German...

The fix is simple: turn your modem on and off again to get a new IP address. Or ask your ISP to assign them more often Domain-name lookups only tell you site visits, not pages viewed, right? Wrong: the interaction between a user and the Domain Name System is more revealing than previously believed, according to a paper from German postdoc researcher Dominik Herrmann.…

Debunking 5 Myths About DNS

From the boardroom to IT and the end user, the Domain Name System is often misunderstood, which can leave organizations vulnerable to attacks.