Tag Archives: dns

Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure

Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion attacks. These attacks overwhelm servers to the point that they can no longer respond to valid DNS queries. The new offering complements Akamai Edge DNS, which is a comprehensive cloud-based DNS solution, and Akamai Prolexic, a distributed denial-of-service (DDoS) protection platform for Layer 3 and Layer 4 attacks. Over the past three years, there has been … More ? The post Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure appeared first on Help Net Security .

More:
Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure

NETSCOUT releases Adaptive DDoS Protection for AED

NETSCOUT launched Adaptive DDoS Protection for Arbor Edge Defense (AED) to protect ISPs and enterprises from DNS water torture attacks. According to the NETSCOUT DDoS Threat Intelligence Report, Domain Name System (DNS) water torture attacks increased 353% in the first six months of 2023, overwhelming Authoritative DNS server resources and bringing down critical DNS services. DNS water torture DDoS attacks have been around since 1997, yet many organizations still struggle to efficiently identify and mitigate … More ? The post NETSCOUT releases Adaptive DDoS Protection for AED appeared first on Help Net Security .

More:
NETSCOUT releases Adaptive DDoS Protection for AED

Speeding MTTR when a third-party cloud service is attacked

We all know you can’t stop every malicious attack. Even more troublesome is when an externally sourced element in the cloud – engaged as part of your infrastructure – is hit and it impacts customers using your digital service. That’s what happened on October 22 when a DDoS attack on the AWS Route 53 DNS service made its S3 storage service unavailable or slow loading to thousands of organizations. We had an early view of … More ? The post Speeding MTTR when a third-party cloud service is attacked appeared first on Help Net Security .

Visit link:
Speeding MTTR when a third-party cloud service is attacked

DNSSEC fueling new wave of DNS amplification attacks

DNS amplification attacks swelled in the second quarter of this year, with the amplified attacks spiking more than 1,000% compared with Q2 2018, according to Nexusguard. Researchers attributed Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of the attacks last quarter according to the team’s evaluation of thousands of worldwide DDoS attacks. DNSSEC was designed to protect applications from using forged or … More ? The post DNSSEC fueling new wave of DNS amplification attacks appeared first on Help Net Security .

Excerpt from:
DNSSEC fueling new wave of DNS amplification attacks

Attackers could abuse DNSSEC-secured domains for DDoS attacks: report

A majority or 80% of DNSSEC-secured domains could be used to amplify distributed denial of service (DDoS) attacks, at an average factor of 28.9 times, according to a recent report by Neustar which studied nearly 1,350 domains with DNSSEC deployed. The report points out that the domains had not properly deployed DNSSEC-signing of their domains, leaving them vulnerable to DDoS attacks. “Neustar has correctly pointed out the additional amplification factor related to misconfigured DNSSEC vs. legacy DNS, where the inclusion of the digital signature allows for a somewhat higher than a normal DNS amplification attack,” says Corero Network Security COO Dave Larson, in a statement. “However, the point that must be stressed related to this or any other DDoS amplification vectors is that operators of any network – whether they include DNS service or not – should have their networks configured not to respond to spoofed IP requests. In addition, DNS operators should configure their DNS servers not to respond to ‘ANY’ requests in order to squelch the opportunity for the server to be leveraged for malicious use.” Larson adds that on the flip side, the impact to the receiving end of the attack can be especially problematic. The fragmented and amplified attack technique, utilizing DNS or DNSSEC can cause outages, downtime and potential security implications for Internet Service Providers if they are relying on out-of-band DDoS protection mechanisms. Furthermore, organizations relying on traditional IT and security infrastructure such as firewalls and load balancing equipment are no match for these attacks. “A comprehensive in-line and automatic mitigation method for removing DDoS attacks is the recommended approach for dealing with all types of DDoS attacks – DNS and beyond,” noted Larson. Source: http://www.networksasia.net/article/attackers-could-abuse-dnssec-secured-domains-ddos-attacks-report.1471485281

Visit link:
Attackers could abuse DNSSEC-secured domains for DDoS attacks: report

DNS attacks cost businesses more than $1 million a year

New research has revealed that DNS attacks are costing businesses more than $1 million a year in lost business and service downtime. For years, DNS has silently and peacefully served internet needs, but it’s mostly been thought of as a trivial protocol requiring very basic configuration and monitoring. Despite its criticality, this service has never really been considered as a potential security issue, mostly because common usage leads people to believe it is a trivial protocol requiring very basic confguration and monitoring. But while DNS may have been safe and apparently secure for the last twenty years, because of its complexity and evolving role in the IT industry it has become a powerful attack vector, with 91% of malware using the DNS protocol. According to the new study from IDC and EfficientIP , the top three DNS attacks that have the largest impact on an organisation are Distributed Denial of Service (DDoS attacks, Zero-Day vulnerabilities and data exfiltration. These types of attacks are the main cause of business outage and data theft. But despite 74% being victims of DNS attacks, 25% of businesses still aren’t implementing any kind of basic security software. EfficientIP’s experts warn that existing DNS defenses are outdated and no longer work. Until now, the approach to IT Security has been one that has downplayed the risk of DNS threats, bundling them in with a wide selection of diferent network threats that can be protected using traditional security tools and techniques. It is an approach that threatens DNS security by overcomplicating architectures, adding slow and inappropriate layers of defence. While firewalls can protect on a basic level, on their own they;re not designed to deal with high bandwidth DDoS attacks, or detect DNS tunnelling attempts (the majority of DDoS attacks are now over 1Gbps), and most businesses still rely on the ‘out-of-the-box’ non-secure DNS servers offered by Microsoft or Linux servers. ‘The report has highlighted that despite the massive increase in cyber attacks, companies and their IT departments still don’t fully appreciate the risks from DNS-based attacks,’ said David Williamson, EfficientIP CEO. ‘In just under two years GDPR will come into effect and companies will be held responsible for all security breaches and could face major fines. It’s crucial for all businesses to start taking DNS security seriously.’ Source: http://www.information-age.com/technology/security/123461604/dns-attacks-cost-businesses-more-1-million-year-study

View article:
DNS attacks cost businesses more than $1 million a year

Detecting the DNS Changer malware

January marked half-time for the folks at the DNS Changer Working Group (DCWG) who are now running the DNS servers originally used in the Rove botnet. Ever since a multi-national task force dismantled…

See original article:
Detecting the DNS Changer malware