Tag: Domain

Use of DNS Tunneling for C&C Communications

Often, virus writers don't even bother to run encryption or mask their communications. However, you do get the occasional off-the-wall approach that doesn't fall into either of the categories.

Take, for instance, the case of a Trojan that Kaspersky Lab researchers discovered in mid-March and which establishes a DNS tunnel for communication with the C&C server.

New Ad Fraud Campaign Uses Millions of Domain Names to Bilk...

NoTrove has established a huge infrastructure to make money through click redirection and scam traffic-brokering.

Chrome, Firefox, and Opera users beware: This isn’t the apple.com you...

Unicode sleight of hand makes it hard for even savvy users to detect impostor sites.

DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seems to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game.

As attackers expand their arsenal of reflection methods to target CLDAP ...

DNS record will help prevent unauthorized SSL certificates

In a few months, publicly trusted certificate authorities will have to start honoring a special Domain Name System (DNS) record that allows domain owners to specify who is allowed to issue SSL certificates for their domains.

The Certification Authority Authorization (CAA) DNS record became a standard in 2013 but didn't have much of a real-world impact because certificate authorities (CAs) were under no obligation to conform to them.

The record allows a domain owner to list the CAs that are allowed to issue SSL/TLS certificates for that domain.

The reason for this is to limit cases of unauthorized certificate issuance, which can be accidental or intentional, if a CA is compromised or has a rogue employee.

Clean up your DNS act or get pwned like this bank

An organization’s domain name may be its most important asset, and losing control over it affects more than its website.

For a large Brazilian bank, a domain hijacking operation last fall resulted in attackers stealing payment card data, taking over customer accounts, and infecting customers with malware.

While the actual bank heist began on Oct. 22, 2016, at around 1 p.m., the preparations for the attack were underway at least five months in advance, said Kaspersky Lab researchers Fabio Assolini and Dmitry Bestuzhev at last week’s Security Analyst Summit.

The sophisticated cybercrime group gained access to the bank’s domain registrar and modified the Domain Name System (DNS) records for all 36 of the bank’s online properties.

Unraveling the Lamberts Toolkit

The Lamberts is a family of sophisticated attack tools that has been used by one or multiple threat actors against high-profile victims since at least 2008.

The arsenal includes network-driven backdoors, several generations of modular backdoors, harvesting tools, and wipers.

Cisco UCS Director Virtual Machine Information Disclosure Vulnerability

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in ...

APT29 Used Domain Fronting, Tor to Execute Backdoor

APT29, a/k/a Cozy Bear, has used Tor and a technique called domain fronting in order to secure backdoor access to targets for nearly two years running.

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs...

Chrome to immediately stop recognizing EV status and gradually nullify all certs.

DNS lookups can reveal every web page you visit, says German...

The fix is simple: turn your modem on and off again to get a new IP address. Or ask your ISP to assign them more often.

Domain-name lookups only tell you site visits, not pages viewed, right? Wrong: the interaction between a user and the Domain Name System is more revealing than previously believed, according to a paper from German postdoc researcher Dominik Herrmann.…

Famous Four Media’s .LOAN has over 1,500,000 general and premium domain...

Famous Four Media, one of the world’s leading domain registry operators, is delighted to announce that its dot LOAN gTLD has surpassed 1,500,000 registrations! This represents another extraordinary milestone.

Famous Four Media now has two registries with over 1,200,000 registrations under our management.

In addition to the amazing growth in the dot LOAN registry, FFM’s registries continue to outperform market expectations. Regarding this success, FFM’s Chief Revenue Officer, Christopher Cousins, said, “It is a pleasure...

Source: RealWire