Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

DNSstuff.com Responds to Attacks

DNSstuff.com issued a warning and called for greater preparedness as a result of the recent attack targeting root servers

NEWBURYPORT, Mass. -- DNSstuff.com, a global leader in DNS issues and tools with one of the largest communities of IT professionals on the Web, today issued a warning and called for greater preparedness as a result of the recent attack targeting root servers. This attack is the latest in a series of distributed denial-of-service attacks targeting DNS servers that began late last year. DNSstuff.com today also introduced a new root server time map tool designed to help IT professionals track the performance of and possible attacks on these servers.

“It is likely that this latest apparent probing effort was testing the resiliency of DNS,” explained Paul D. Parisi, CTO of DNSstuff.com. “This could be a harbinger of more targeted attacks against .com parent servers or even individual enterprise servers, neither of which may have the resiliency or redundancy of the systems attacked earlier this week. Either of these scenarios could have catastrophic consequences for the Internet-at-large or specific organizations.”

New Tool to Spot Attacks

The new DNSstuff.com root server time map allows IT professionals to monitor the state of root and .com servers supporting DNS. Now anyone can check real-time performance of these servers to spot long latency times or unusual behavior in response times. The root server time map can be found at http://www.dnsstuff.com/info/roottimes.htm.

Even without an increase in targeted or malicious attacks on DNS servers, many of those same servers remain vulnerable or are performing poorly because of simple human error. There are over 85 million domains on the Web, and a survey by DNSstuff.com of its users revealed that there are significant, fixable configuration issues with DNS settings for nearly 70% of those active domains. These incorrect settings can lead to site outages or improperly routed email, and a targeted attack exploiting these settings could lead to even more widespread network and Internet outages.

Simple Prevention Settings

“We are a robust web application and the Web’s acknowledged leader in helping IT professionals better manage their networks and DNS through expert advice, best practices and relevant resources,” continued Parisi. “Unfortunately, many people are relying on improperly configured DNS and are unintentionally leaving themselves, and therefore the web, vulnerable to attack. ”

DNSstuff.com

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23394
PUBLISHED: 2021-06-13
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.