Risky Biz News: New DNS attack impacts a quarter of all open DNS resolvers>
Risky Business News – Catalin Cimpanu
The key points from the summary are:
A team of Chinese academics discovered a new DNS attack called TuDoor that impacts nearly 25% of open DNS resolvers on the internet
The attack uses malformed DNS packets to trigger logic errors in DNS software, allowing cache poisoning, denial of service, or increased resource consumption
Out of 28 mainstream DNS services and software tested, 24 were found vulnerable to TuDoor attack variations
Patches have been released by Google, Microsoft, Cloudflare, BIND, Knot, AdGuard, and others
At the time of the research last year, 423,652 open DNS resolvers (23.1%) were vulnerable
Recent breaches and security incidents include:
Leidos Holdings, a major US government IT contractor, had data stolen and leaked by the Trigona ransomware gang
A clone of the Z-Library academia piracy portal leaked details of over 10 million users
India’s BSNL telecom company admitted to a security breach exposing customer data
US spyware vendor Spytech was breached, leaking data on more than 10,000 devices with their spyware installed
Cryptocurrency platform MonoSwap lost funds after a developer fell for a phishing email
CrowdStrike published a technical analysis of the bug causing 8.5 million Windows systems to crash last week, blaming it on a content validator testing system issue
Insurer Parametrix estimates global financial losses from the outage could reach $15 billion.
Link: https://news.risky.biz/risky-biz-news-new-dns-attack-impacts-a-quarter-of-all-open-dns-resolvers