Tag: dns
-
Thousands of websites affected by nameserver hijack redirecting visitors to malware
DNS caching causes attack to have a long tail. Yesterday, visitors to thousands of Dutch websites were served an ‘under construction’ page that, through a hidden iframe, was serving the Blackhole exploit kit. The sites were hosted by three hosting companies that share both a parent company and, more importantly in this case, nameservers for…
-
Hacktivists hijack DNS of popular websites
Security at registrars may be weak link. A hacktivist group has managed to redirect the traffic of two popular websites by hijacking their DNS settings, researchers at Internet Identity report. The sites belong to UFC , a mixed martial arts promotion company, and Coach , which produces luxury goods. Both companies had expressed their support…
-
New RFC describes best practices for running DNS-based lists
DNSBL users advised to avoid those lists that charge for delisting. A new RFC document has been published that describes the best operational practices for the use of DNS-based lists in email filters. DNS-based lists (somewhat confusingly called ‘DNSBLs’ in the document) include blacklists and whitelists of IP addresses, but also URIBLs and geographical-based lists.…
-
‘Largest takedown ever’ sees six arrested
Millions made through ‘DNSChanger’ malware. Six Estonian nationals have been arrested for taking part in a cybercrime ring that made money through DNS-changing malware that had infected as many as four million computers. The ‘DNSChanger’ malware, of which versions exist for both Windows and Mac , usually spreads via fake codecs. The malware modifies the…
-
DNS poisoning attack targeting Brazilian customers
ISP employee suspected of changing DNS cache. Millions of Internet users in Brazil may have been exposed to malware after the DNS caches of their ISPs were modified to redirect them to servers controlled by cybercriminals. DNS (Domain Name System) is the system used by computers on the Internet to resolve domain names (e.g. www.virusbtn.com…
-
Microsoft’s machines hijacked by spammers
Servers also used for DoS attack on security journalist’s site. More than a thousand websites pushing spamvertised pharmaceuticals have been found to be using name servers on hacked machines in Microsoft ‘s IP space. Spammers and malware writers have a habit of hiding as well as they can and operating using hacked computers is a…
-
Tough weekend for AV giants as FPs and DNS issues hit
Trend false alert cripples users’ systems, Sophos sites taken out by DNS mixup. Two of the larger security firms, Trend Micro and Sophos , had a busy weekend cleaning up after troubles hit them on Friday. Trend Micro released a pair of signature updates which led to its products erroneously identifying several Windows system files…
-
DNS flaw exploitation danger growing
Slow patchers targeted by sophisticated attacks. The serious vulnerability in the implementation of DNS systems has been targeted by malicious attacks, as security watchers have been predicting since the flaw was first disclosed. With many developers and service providers yet to implement patching regimes for the issue, those still leaving their servers open for spoofing…
-
Patch Tuesday sees serious DNS flaws fixed
Nothing marked critical, but some very important patches issued. Microsoft ‘s latest ‘Patch Tuesday’ round of security updates for once contains no bulletins marked as ‘critical’, but some of the four updates labelled ‘important’ address major issues posing serious threats to web users worldwide. Two of the patches fix problems with Exchange Server and Windows…