Saturday, October 16, 2021

CISOs Preparing for DNS Attacks

Must Read

A report shows that avg time to fix critical vulnerabilities is 205 days

According to an AppSec Stats Flash report Published by whitehat security that the average time taken to fix critical...

Finnish parliament says some lawmakers’ Mails hacked

Parliament stated it had been co-operating together with the NBI from the investigation into the assault. "The cyberattack on...

Peatix Warns Users for Attacks After Breach

Occasions and ticketing program Peatix has cautioned users of follow-on cyber-attacks later acknowledging it endured a data breach earlier...

Only over three-quarters of cybersecurity professionals also have stated they expect to observe a rise in DNS-related security dangers during the upcoming few weeks.

However, 29 percent have bookings around their capacity to react to DNS attacks, probably attributed to the changing and complicated DNS hazard landscape, as a few users confessed to having been struck by a minimum of one DNS assault in the last year, such as DNS spoofing/cache poisoning (28 percent ), DNS tunneling (16 percent ) and zombie domain strikes (15 percent ).

“After success, DNS strikes can have harmful repercussions to an organization’s online presence, reputation, and brand.

A domain hijacking assault, as an instance, could lead to hackers taking charge of an organization’s domain name and using it to host malware or even launching phishing campaigns that prevent spam blockers and other reputational protections.

In a worst-case scenario, this kind of attack may even result in an organization losing its domain name “

Jack Mannino, CEO in nVisium, flagged the danger of DNS tunneling as becoming a favorite exfiltration technique” since DNS is often reserved for egress traffic”

Mannino stated: “Recognizing your DNS traffic and using visibility into strikes is essential because most control and command techniques utilize DNS for this function, and attackers may exfiltrate data within the protocol via attacks such as SQL injection also, evading firewalls and filtering appliances”

Throughout September and October 2020, DDoS (22 percent ) was rated as the best concern for safety specialists, followed by method compromise (19 percent ) and ransomware (17 percent ).

In this age, organizations have concentrated most on boosting their capacity to react to the seller or client impersonation (58 percent ), targeted hacking (54 percent ), and IP address hacking (52 percent ).

Joffe said it had been convinced that associations know about the harshness of DNS attacks, but additionally, it is significant that they continue to take proactive actions to safeguard themselves and their clients against different dangers.

“This should involve routine DNS audits and continuous monitoring to ensure a comprehensive comprehension of all DNS traffic and action,” he explained.

“Crucially, DNS information may also provide organizations with timely, qualitative and significant danger insights, allowing them to not just shield against DNS-related dangers, but also mitigate the great majority of malware, viruses, and questionable content before crucial processes are “

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This