Swapneel Patnekar
ShadowFindr – Uncover domain shadowing attacks
—
by
At the DNS Community Day organized by DNS-OARC at the APRICOT 2024/APNIC 57 conference, we released ShadowFindr, a web tool to detect potential domain shadowing attacks. Who is living off your domain name? ShadowFindr is a web tool built for domain name registrants that helps identify potential domain shadowing attacks. We have written about domain…
Domain shadowing
—
by
Domain shadowing is a technique listed by MITRE ATT&CK as T1584.001 sub-technique of T1584 This technique is not to be confused with subdomain hijacking What is a domain shadowing attack? Threat actors gain control of the DNS control panel of legitimate domain names by brute force and stealthily insert subdomains pointing to the attackers’ network…
DNS KeyTrap vulnerability
—
by
DNS KeyTrap vulnerability is a critical flaw in the design of DNSSEC (DNS Security Extensions). A single DNS packet can exhaust the CPU, causing a Denial of Service in a DNSSEC validating recursive resolver. Security researchers at the German National Research Center for Applied Cybersecurity ATHENE uncovered the critical flaw, which has been assigned and listed as CVE-2023-50387 and CVE-2023-50868…
What is a DNS Firewall?
—
by
A DNS firewall also known as Protective DNS is an enterprise network security solution. It filters and manages DNS queries and responses. It protects organizations from cyber threats. These threats include phishing, malware, cryptojacking, domain generation algorithms(DGA), command and control (C2) domain names. It determines which domain names users can access based on set rules…
Having Teen Patti fun? Beware of malware apps!
—
by
Having Teen Patti fun? Beware of malware apps! Shreshta Threat Intelligence team have detected many websites providing Teen Patti game downloads infected with malware. About Teen Patti Teen Patti is a gambling card game. Teen Patti originated in India and is popular throughout South Asia. It evolved from the English game of three-card brag, with…
