Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
23 résultats taggé DNS  ✕
EU launches EU-based, privacy-focused DNS resolution service https://www.helpnetsecurity.com/2025/06/09/eu-launches-eu-based-privacy-focused-dns-resolution-service/
09/06/2025 22:59:39
QRCode
archive.org
thumbnail

DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality.

What is DNS?
The Domain Name System (DNS) “translates” human-readable domain names into IP addresses and back, and is essential for accessing websites.

Most users use DNS resolver services provided by their internet service provider (because they are automatically configured) or a public DNS provider like Google or Cloudflare.

DNS4EU is meant to be a resilient, fast, reliable, secure, privacy-friendly and EU-based alternative for those.

The goal of DNS4EU
DNS4EU is an initiative co-funded by the European Union and supported by the European Union Agency for Cybersecurity (ENISA), though the service is expected to be commercialised, “since it has to be sustainable without operational costs from the EU after 2025.”

It is developed and managed by a consortium of private cybersecurity companies, CERTs, and academic institutions from 10 European Union countries, with Czech cybersecurity company Whalebone as its leader.

“The DNS4EU initiative aligns with the EU’s strategic goal of enhancing its digital autonomy by providing an alternative to the existing public DNS services provided by non-european entities,” says the group.

helpnetsecurity EN 2025 EU DNS DNS4EU launch service ENISA
PhaaS actor uses DoH and DNS MX to dynamically distribute phishing https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/
03/04/2025 09:29:20
QRCode
archive.org
thumbnail

Large-scale phishing attacks use DoH and DNS MX records to dynamically serve fake login pages

infoblox EN 2025 PhaaS DoH DNS MX dynamically distribute phishing fake
MasterCard DNS Error Went Unnoticed for Years https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/
22/01/2025 22:39:48
QRCode
archive.org

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for…

krebsonsecurity EN 2025 MasterCard DNS Error Misconfiguration DNS
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
11/09/2024 21:45:21
QRCode
archive.org
thumbnail

We recently performed research that started off "well-intentioned" (or as well-intentioned as we ever are) - to make vulnerabilities in WHOIS clients and how they parse responses from WHOIS servers exploitable in the real world (i.e. without needing to MITM etc).

As part of our research, we discovered that a few years ago the WHOIS server for the .MOBI TLD migrated from whois.dotmobiregistry.net to whois.nic.mobi – and the dotmobiregistry.net domain had been left to expire seemingly in December 2023.

watchtowr EN 2024 DNS WHOIS domain renes
ICANN approves use of .internal domain for your network https://www.theregister.com/2024/08/08/dot_internal_ratified/
09/08/2024 11:06:24
QRCode
archive.org
thumbnail

Vint Cerf revealed Google already uses the string, as do plenty of others

theregister EN ICANN DNS domain ratified
Don’t Let Your Domain Name Become a “Sitting Duck” https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/
03/08/2024 01:55:47
QRCode
archive.org

More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars,…

krebsonsecurity EN 2024 abused DNS takeover weaknesses Duck domain
TuDoor https://tudoor.net/
26/07/2024 08:14:23
QRCode
archive.org
thumbnail

TuDoor is a new DNS attack, which could be exploited to carry out DNS cache poisoning, denial-of-service, and resource consuming.

DNS can be compared to a game of chess in that its rules are simple, yet the possibilities it presents are endless. While the fundamental rules of DNS are straightforward, DNS implementations can be extremely complex. In this study, we intend to explore the complexities and vulnerabilities in DNS response pre-processing by systematically analyzing DNS RFCs and DNS software implementations.

TuDoor 2024 EN DNS attack implementation cache-poisoning
A root-server at the Internet’s core lost touch with its peers. We still don’t know why. https://arstechnica.com/security/2024/05/dns-glitch-that-threatened-internet-stability-fixed-cause-remains-unclear/
23/05/2024 21:10:50
QRCode
archive.org
thumbnail

For 4 days, the c-root server maintained by Cogent lost touch with its 12 peers.

arstechnica EN 2024 DNS c-root Cogent delay
Les retards du serveur racine C https://www.bortzmeyer.org/c-root-retard.html
23/05/2024 21:09:52
QRCode
archive.org

On fait souvent remarquer que c'est pendant les pannes qu'on peut le mieux observer comment un système marche. Les perturbations qui affectent le serveur racine du DNS identifié par la lettre C sont donc l'occasion d'apprendre comment fonctionne ce système des serveurs racine.

bortzmeyer FR 2024 root DNS c.root-servers.net retard cogent
Leveraging DNS Tunneling for Tracking and Scanning https://unit42.paloaltonetworks.com/three-dns-tunneling-campaigns/
14/05/2024 18:52:34
QRCode
archive.org
thumbnail

This article presents a case study on new applications of domain name system (DNS) tunneling we have found in the wild. These techniques expand beyond DNS tunneling only for command and control (C2) and virtual private network (VPN) purposes.

Malicious actors occasionally employ DNS tunneling as a covert communications channel, because it can bypass conventional network firewalls. This allows C2 traffic and data exfiltration that can remain hidden from some traditional detection methods.

unit42 EN 2024 DNS Tunneling Tracking Scanning research analysis
New Backdoor, MadMxShell https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell
18/04/2024 22:06:32
QRCode
archive.org
thumbnail

Beginning in March of 2024, Zscaler ThreatLabz observed a threat actor weaponizing a cluster of domains masquerading as legitimate IP scanner software sites to distribute a previously unseen backdoor. The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged GoogleAds to push these domains to the top of search engine results targeting specific search keywords, thereby luring victims to visit these sites.

The newly discovered backdoor uses several techniques such as multiple stages of DLL sideloading, abusing the DNS protocol for communicating with the command-and-control (C2) server, and evading memory forensics security solutions. We named this backdoor “MadMxShell” for its use of DNS MX queries for C2 communication and its very short interval between C2 requests.

zscaler EN 2024 typosquatting MadMxShell GoogleAds DNS Malvertising Advance-ip-scanner
DNS Used to Hide Fake Investment Platform Schemes | Infoblox https://blogs.infoblox.com/cyber-threat-intelligence/beware-the-shallow-waters-savvy-seahorse-lures-victims-to-fake-investment-platforms-through-facebook-ads/
29/02/2024 13:06:52
QRCode
archive.org
thumbnail

Learn how the threat actor Savvy Seahorse Facebook ads to lure users to fake investment platforms and leverages DNS to allow their attacks to persist for years.

infoblox EN 2024 SavvySeahorse CNAME facebook scam crypto-scam DNS
Serious Vulnerability in the Internet Infrastructure Fundamental design flaw in DNSSEC discovered https://www.athene-center.de/en/news/press/key-trap
19/02/2024 16:03:59
QRCode
archive.org

he National Research Center for Applied Cybersecurity ATHENE has uncovered a critical flaw in the design of DNSSEC, the Security Extensions of DNS (Domain Name System). DNS is one of the fundamental building blocks of the Internet. The design flaw has devastating consequences for essentially all DNSSEC-validating DNS implementations and public DNS providers, such as Google and Cloudflare. The ATHENE team, led by Prof. Dr. Haya Schulmann from Goethe University Frankfurt, developed “KeyTrap”, a new class of attacks: with just a single DNS packet hackers could stall all widely used DNS implementations and public DNS providers. Exploitation of this attack would have severe consequences for any application using the Internet including unavailability of technologies such as web-browsing, e-mail, and instant messaging. With KeyTrap, an attacker could completely disable large parts of the worldwide Internet. The researchers worked with all relevant vendors and major public DNS providers over several months, resulting in a number of vendor-specific patches, the last ones published on Tuesday, February 13. It is highly recommended for all providers of DNS services to apply these patches immediately to mitigate this critical vulnerability.

athene-center.de EN 2024 DNS DNSSEC Vulnerability CVE-2023-50387 KeyTrap
A backdoor with a cryptowallet stealer inside cracked macOS software https://securelist.com/new-macos-backdoor-crypto-stealer/111778/
22/01/2024 10:41:52
QRCode
archive.org
thumbnail

We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware.

securelist EN 2024 Apple MacOS Backdoor Cryptocurrencies DNS Malware Malware-Descriptions Malware-Technologies Trojan Trojan-stealer
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains https://unit42.paloaltonetworks.com/detecting-malicious-stockpiled-domains/
19/12/2023 14:52:21
QRCode
archive.org
thumbnail

Using machine learning to target stockpiled malicious domains, the results of our detection pipeline tool highlight campaigns from phishing to scams.

unit42 EN 2023 TTP technique stockpiled DNS Malicious Early-Detection
Massive cybercrime URL shortening service uncovered via DNS data https://www.bleepingcomputer.com/news/security/massive-cybercrime-url-shortening-service-uncovered-via-dns-data/
01/11/2023 07:25:49
QRCode
archive.org
thumbnail

A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.

bleepingcomputer EN 2023 Shortener URL NameSilo Prolific Computer usTLD DNS Security InfoSec Puma TLD
Malware Execution Method Using DNS TXT Record https://asec.ahnlab.com/en/54916/
30/06/2023 09:08:33
QRCode
archive.org
thumbnail

AhnLab Security Emergency response Center (ASEC) has confirmed instances where DNS TXT records were being utilized during the execution process of malware.

This is considered meaningful from various perspectives, including analysis and detection as this method has not been widely utilized as a means of executing malware.

ASEC EN 2023 DNS TXT malware analysis
L'Anssi pourra bloquer les noms de domaine liés à des cyberattaques https://www.usine-digitale.fr/article/cyberattaque.N2119866
08/04/2023 10:30:44
QRCode
archive.org
thumbnail

La loi de programmation militaire prévoit que l'autorité n'aura pas besoin d'une décision de justice. Un contrôle sera réalisé a posteriori par l'Arcep.

usine-digitale FR 2023 ANSSI saisie noms DNS domaines cyberattaque militaire
Sony's Legal Attack on Quad9, Censorship, and Freedom of Speech https://quad9.net/news/blog/sony-s-legal-attack-on-quad9-censorship-and-freedom-of-speech/
08/03/2023 10:30:09
QRCode
archive.org

A potentially precedent-setting legal case involving Sony Music and Quad9 may endanger internet freedom of speech and allow unchecked content censorship.

quad9 EN 2023 Sony censorship public-dns dns privacy security Censorship legal Freedom
Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style https://sec-consult.com/blog/detail/melting-the-dns-iceberg-taking-over-your-infrastructure-kaminsky-style/
20/10/2022 21:15:06
QRCode
archive.org
thumbnail

Hidden DNS resolvers and how to compromise your infrastructure

sec-consult 2022 Kaminsky attack DNS Hidden resolvers compromise infrastructure technical
page 1 / 2
4395 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio