DNS Attacks

A new keylogging server and client tool have been released on GitHub for pentesters. The tool utilizes DNS tunneling to transmit keystrokes through firewalls, potentially evading detection covertly. The tool, DNS-Tunnel-Keylogger, was designed for...

The Internet Systems Consortium (ISC) has released critical security advisories addressing multiple vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 software, a cornerstone of the Domain Name System (DNS) infrastructure. These vulnerabilities, identified as...

The Internet Systems Consortium (ISC) released security advisories on January 25, 2023, to address flaws in the DNS software suite BIND.  A denial of service could occur if these vulnerabilities are exploited. The flaws that...

Researchers identified a DNS vulnerability called “TsuNAME”. This vulnerability affects  DNS resolvers and can be exploited to attack authoritative servers. The authoritative DNS servers translate web domains to IP addresses and pass this information to...

Cybersecurity researchers have unveiled a new and potent Denial of Service (DoS) attack, dubbed "DNSBomb." This attack leverages the inherent mechanisms of the Domain Name System (DNS) to create a powerful pulsing DoS attack...

DNS flaws are very common on web applications where the DNS resolvers are vulnerable to Kaminsky attacks. If threat actors are able to predict portions of a DNS query and the source ports, they...

The U.S Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has recently issued an order to the civil federal government agencies that are using Windows Server. They have been asked to patch a...

Recently, cybersecurity experts have detected nearly 7 vulnerabilities in a very popular DNS software set that has been executed in routers and access points in every kind of business.  We all know that Dnsmasq is...

Hackers exploit DNS vulnerabilities to redirect users to malicious websites, launch distributed denial-of-service (DDoS) attacks by overwhelming DNS servers, and manipulate domain resolutions to intercept traffic for surveillance or data theft purposes. Infoblox researchers recently...

Roaming Mantis is a cyberattack campaign that has been active for an extended period of time. The attackers behind this campaign use malicious APK files, which are the files used to install apps on...