DNS Security

Sponsored
by

Noteworthy

DNS Security / News Briefs

Russia in Talks to Create Independent DNS

The Russian Security Council has proposed development of an independent DNS which would continue to work in the event of global internet malfunctions, according to a report from RT. more

IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

The new DNS service, called Quad9, is aimed at protecting users from accessing malicious websites known to steal personal information, infect users with ransomware and malware, or conduct fraudulent activity. more

ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

The Internet Corporation for Assigned Names and Numbers (ICANN) has postponed plans to change the cryptographic key -- a critical step in updating protection measures for the Domain Name System (DNS). more

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

The National Cybersecurity Center of Excellence (NCCoE) has invited comments on a draft practice guide to help organizations improve email security and defend against phishing, man-in-the-middle, and other types of email-based attacks. more

Sweden Makes its TLD Zone File Publicly Available

Patrik Wallström writes to report that as of today, IIS (The Internet Foundation In Sweden) has made the zone files for .se and .nu domain names publicly available for the first time. "The underlying reason for making the zone files for .se and .nu available is our endeavour at IIS to promote transparency and openness. IIS has made the assessment that the zone files do not contain any confidential information and, therefore, there is no reason not to make this information available." more

Large Volume of DNSSEC Amplification DDoS Observed, Akamai Reports

A dramatic increase in DNS reflection/amplification DDoS attacks abusing Domain Name System Security Extension (DNSSEC) configured domains have been observed in the past few months, according to a security bulletin released by Akamai’s Security Intelligence Response Team (SIRT). more

91.3% of Malware Use DNS as a Key Capability

Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more

ISOC's DNSSEC Deployment Map Available In Global Internet Maps (Interactive)

Internet Society's DNSSEC Deployment Maps are now available as part of a larger set of Global Internet Maps from its annual Global Internet Report. The map is based off of the 5 stages of DNSSEC deployment that the organization tracks as part of the weekly DNSSEC deployment maps generated. more

Paul Vixie on How the Openness of the Internet Is Poisoning Us

In a video interview conducted during the NSCS ONE conference, Paul Vixie CEO of Farsight Security further discusses the topic of his presentation titled: "Defective by Design -- How the Internet's Openness is Slowly Poisoning Us". more

GSA Looking Into .gov Outages

"The General Services Administration is analyzing what caused an outage of .gov websites for a few hours Wednesday morning," reports Federal Times. Officials said the problem involved so-called DNSSEC cybersecurity measures that affected access to certain .gov sites, according to GSA spokeswoman Mafara Hobson. more

ISOC Joins Forces with Shinkuro and Parsons to Promote Global Deployment of DNSSEC

The Internet Society today announced it has signed a Memorandum of Understanding with Shinkuro and Parsons to collaborate on multiple initiatives to promote the global deployment of Domain Name System Security Extensions (DNSSEC). more

U.S. CERT Issues Alert on DNS Amplification Attacks

Neil Schwartzman writes to report that U.S. Cert issued Alert TA13-088A on Friday March 29, 2013. "It is a solid how-to guide to test for, and remediate DNS configurations that can be used for Distributed Denial of Service attacks." more

Google Announces DNSSEC Support for Public DNS Service

Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers." more

Report Reveals Planned DNSSEC Adoption of 2010 by Key Industries Still in Limbo

A recent progress report on DNSSEC adoption reveals the extent to which organizations in a number of industries are falling short of their own objectives for making Domain Name Server (DNS) infrastructure more secure. The progress report, conducted by Secure64 Software Corporation, is a follow-up to a 2010 study by Forrester Research titled, "DNSSEC Ready for Prime Time," which reported on organizations' plans to implement DNSSEC in order to shore up vulnerabilities in DNS. more

Internet Society ION Conferences: Call for Speakers - IPv6 and DNSSEC Experts

The Internet Society Deploy360 Programme issues a call for speakers for a series of upcoming global ION Conferences. ISOC welcomes submissions from IPv6 and DNSSEC experts to speak at any of the following ION conferences. more