Tag: dns

  • DNS KeyTrap vulnerability

    DNS KeyTrap vulnerability

    by

    Swapneel Patnekar

    DNS KeyTrap vulnerability is a critical flaw in the design of DNSSEC (DNS Security Extensions). A single DNS packet can exhaust the CPU, causing a Denial of Service in a DNSSEC validating recursive resolver. Security researchers at the German National Research Center for Applied Cybersecurity ATHENE uncovered the critical flaw, which has been assigned and listed as CVE-2023-50387 and CVE-2023-50868…

  • What is a DNS Firewall?

    What is a DNS Firewall?

    by

    Swapneel Patnekar

    A DNS firewall also known as Protective DNS is an enterprise network security solution. It filters and manages DNS queries and responses. It protects organizations from cyber threats. These threats include phishing, malware, cryptojacking, domain generation algorithms(DGA), command and control (C2) domain names. It determines which domain names users can access based on set rules…

  • What are Newly Registered Domain Names?

    What are Newly Registered Domain Names?

    by

    Swapneel Patnekar

    On any given day, thousands of domain names are registered on a daily basis on the Internet. Newly Registered domain names (NRD) are used by enterprises and individuals for legitimate purposes and by threat actors for malicious purposes. What are newly registered domain names? By definition, a newly registered domain name(NRD) is one which has…

  • Phishing scam aimed at Flipper Zero India enthusiasts

    Phishing scam aimed at Flipper Zero India enthusiasts

    by

    Swapneel Patnekar

    Executive Summary Shreshta threat intelligence team has uncovered a phishing scam aimed at Flipper Zero India enthusiasts interested in buying a Flipper Zero. The phishing websites lure users with fake flipper zero discount code offers. Do you believe threat actors limit their focus solely to non-technical users? Think again! Infosec community and enthusiasts are also…

  • The rise of phishing attacks targeting Adobe users in India

    The rise of phishing attacks targeting Adobe users in India

    by

    Swapneel Patnekar and Pranay Patil

    Executive Summary Shreshta Threat Intelligence has uncovered a rise in phishing attacks targeting Adobe users in India. The attack begins by sending emails to employees working at Micro Small and Medium Enterprises(MSME), large enterprises, and luring them to click on a link which impersonates a Purchase Order or a Work Order document.  The attack uses…