Tech

Linux has a serious security problem that once again enables DNS cache poisoning

Enlarge (credit: Getty Images) As much as 38 percent of the Internet’s domain name lookup servers are vulnerable to a new attack that allows hackers to send victims to maliciously spoofed addresses masquerading as legitimate domains, like bankofamerica.com or gmail.com. The exploit, unveiled in research presented today, revives the DNS cache-poisoning attack that researcher Dan […]

Tech

The NSA warns enterprises to beware of third-party DNS resolvers

Enlarge (credit: Getty Images) DNS over HTTPS is a new protocol that protects domain-lookup traffic from eavesdropping and manipulation by malicious parties. Rather than an end-user device communicating with a DNS server over a plaintext channel—as DNS has done for more than three decades—DoH, as DNS over HTTPS is known, encrypts requests and responses using […]

Tech

DNS cache poisoning, the Online Assault from 2008, is back in the dead

Expand (charge: Henrik 5000 / / Getty Images) In 2008, researcher Dan Kaminsky shown among the more serious online security threats: a weakness from the domain name system which made it possible for visitors to send consumers en masse into imposter websites rather than the actual ones belonging to Google, Bank of America, or anybody […]