Domain Name Services (DNS) play a crucial role in our IP networks. DNS servers map website names to their corresponding IP addresses. By altering information on a DNS server, you can redirect users to different IP addresses, potentially leading them astray from their intended destinations. One method to achieve this redirection is by modifying files… Continue reading DNS Spoofing vs DNS Hijacking
Results for "DNS"
We found 71 results for your search.
DNS Cache Poisoning
DNS Cache Poisoning is a pretty old attack type in which a malicious actor redirects a victim’s traffic to a harmful site instead of a legitimate IP address. It is done by replacing cached IP addresses on the DNS server. Attackers also use the method of “poisoning” the DNS cache to steal credentials or sensitive… Continue reading DNS Cache Poisoning
GitHub and GitLab CDNs Abused to Spread Malware
Recent research around new spreading approaches of one stealer malware family revealed a new way to abuse GitHub. Instead of creating repositories that contain malware files, hackers push the files they need through the issue reporting mechanism in the repository menu. This allows for making malware look like a file from a legit repo, bypassing… Continue reading GitHub and GitLab CDNs Abused to Spread Malware
TOP DNS Attacks Types
What is a DNS (Domain Name Server) Attack? A DNS attack is the situation when an attacker either attempts to compromise a DNS network or uses its inherent attributes to conduct a broader attack. A well-orchestrated DNS attack can cause severe damage to an organization. DNS is the main form of communication. It receives domains… Continue reading TOP DNS Attacks Types
DNS Spoofing: Key Facts, Meaning
What is DNS Spoofing? DNS (Domain name server) spoofing or DNS cache poisoning is a type of cyberattack used by an attacker to direct the victim’s traffic to a malicious website (instead of a legal IP address). Attackers use DNS cache poisoning to redirect Internet traffic and steal sensitive information. For example, a hacker wants… Continue reading DNS Spoofing: Key Facts, Meaning
A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices
A vulnerability has been discovered (CVE not yet issued) in uClibc and uClibc-ng C standard libraries. These libraries are vastly used in IoT devices. The newly found vulnerability makes it possible to place forged data into the DNS cache, allowing to set an arbitrary IP address in that cache with the subsequent rerouting of all… Continue reading A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices
Avast experts accidentally got source code for GhostDNS exploit
Avast analysts suddenly got the source codes for the GhostDNS exploit. The experts got access to the source thanks to an error from an unknown hacker. GhostDNS is a set of exploits for routers that uses CSRF queries to change DNS settings and then redirect users to phishing pages (where from victims are stolen credentials… Continue reading Avast experts accidentally got source code for GhostDNS exploit
Hackers spoof DNS settings to distribute fake coronavirus applications
Journalists from Bleeping Computer investigated that hackers are replacing DNS settings for distributing fake applications. The reason for the investigation were complaints of users, which reported on the forums that they were obsessively offered to download a strange application, allegedly informing about COVID-19 and created by WHO. As it turned out, the routers of these… Continue reading Hackers spoof DNS settings to distribute fake coronavirus applications
Altisik Service Virus
Altisik Service is a malicious coin miner that usually installs and runs on the target system without the explicit consent of the PC owner. It disguises itself as a Windows service, which makes it difficult to stop or remove. Let’s have a closer look at how this malware operates and how to delete it from… Continue reading Altisik Service Virus
PUA:Win32/SBYinYing
PUA:Win32/SBYinYing is a potentially unwanted application (PUA) that is often bundled with certain cracked games. It may display ads to users or redirect them to potentially harmful websites, which puts it in the same line with adware and browser hijackers. Most often, user get infected with that malware after downloading cracked software. PUA:Win32/SBYinYing Overview PUA:Win32/SBYinYing… Continue reading PUA:Win32/SBYinYing