#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Google DNS | Breaking Cybersecurity News | The Hacker News

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

Sep 11, 2019
Immediately after Mozilla announced its plan to soon enable ' DNS over HTTPS ' (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. Under development since 2017, ' DNS over HTTPS ' performs DNS lookups—finding the server IP address of a certain domain name—over an encrypted HTTPS connection to a DNS server, rather than sending DNS queries in plaintext. The protocol that sends DNS queries over secure HTTPS connections has specifically been designed to prevent miscreants from interfering with domain name lookups, eventually stopping network observers, including your ISPs and attackers, from figuring out what sites you visit. Though the privacy-focused technology is also helpful in preventing attackers from redirecting unsuspecting visitors to phishing and malware sites, DNS over HTTPS could also bring its own new challenges to the enterprise security so
Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security

Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security

Jan 10, 2019
Almost every activity on the Internet starts with a DNS query, a key function of the Internet that works as an Internet's directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). Since DNS queries are sent in clear text over UDP or TCP without encryption, the information can reveal not only what websites an individual visits but is also vulnerable to spoofing attacks. To address these problems, Google announced Wednesday that its Public DNS (Domain Name System) service finally supports DNS-over-TLS security protocol, which means that the DNS queries and responses will be communicated over TLS-encrypted TCP connections. The DNS-over-TLS has been designed to make it harder for man-in-the-middle attackers to manipulate the DNS query or eavesdrop on your Internet connection. Launched over eight years ago, Google Public DNS, at IP addresses 8.8.8.8 and 8.8.4.4, is world's largest public Domai
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Google Public DNS Server Spoofed for SNMP based DDoS Attack

Google Public DNS Server Spoofed for SNMP based DDoS Attack

Sep 16, 2014
The Distributed Denial of Service ( DDoS ) attack is becoming more sophisticated and complex, and, according to security experts , the next DDoS vector to be concerned about is SNMP (Simple Network Management Protocol) amplification attacks. Yesterday afternoon, the SANS Internet Storm Center reported SNMP scans spoofed from Google's public recursive DNS server searching for vulnerable routers and other devices that support the protocol with DDoS traffic and are opened to the public Internet. " We are receiving some reports about SNMP scans that claim to originate from 8.8.8.8 (Google's public recursive DNS server), " wrote Johannes Ullrich, dean of research of the SANS Technology Institute and head of the Internet Storm Center. " This is likely part of an attempt to launch a DDoS against Google by using SNMP as an amplifier/reflector. " Simple Network Management Protocol (SNMP) is a UDP-based protocol designed to allow the monitoring of network-
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Google Public DNS intercepted by Turkish ISPs

Google Public DNS intercepted by Turkish ISPs

Mar 30, 2014
I know we all have freedom of speech, but unfortunately it's not free, especially in the countries govern by the governments where they are ready to kill our voice anyhow, even by censoring the social media. The same happened few days before, when Twitter , the biggest Social Media platform, was banned by the Turkey government after an audio clip was leaked on YouTube and Twitter about the massive corruption of Turkey Prime Minister Recep Tayyip Erdoğan instructing his son to dispose of large amounts of cash in the midst of a police investigation. The Prime minister of the country, Erdoğan has full control on the old media, the television and the printing press, but he failed to stop the Ten Million Turkish citizen on twitter from sharing the audio all over the social media site, when Twitter itself reportedly refused to delete the incriminating audio of him. But it doesn't work very well, since the users have all way out. Millions of Turkey users began using Google's DNS servi
Google Public DNS Server Traffic Hijacked

Google Public DNS Server Traffic Hijacked

Mar 17, 2014
The Internet is becoming a dangerous place day-by-day and especially for those innocent web users who rely on 3rd party services. The latest bad news is that the World's largest and most widely used Google's free public DNS (Domain name system) resolvers  raised   security red flags yesterday. DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. According to Internet monitoring firm BGPmon , Google's DNS server 8.8.8.8 /32 was hijacked yesterday for 22 minutes. The Google's DNS server handles around 150 billion queries a day and during the 22 minutes of hijacking, millions of Internet users, including Financial institutions , Governments were redirected to BT's (British multinational telecommunications services company) Latin America division in Venezuela and Brazil. It is suspected that Hackers exploited a well-known  vulnerability in the so-called Border Gateway Protocol ( BGP) , which
World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team

World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team

Oct 05, 2013
LeaseWeb , one of the World's largest hosting provider has been defaced by Palestinian hackers, named as KDMS Team . LeaseWeb was also hosting provider for one of the biggest file-sharing website Megaupload in the past. Later Megaupload Founder, Kim Dotcom claimed that  Leaseweb had deleted all Megaupload user data from 690 servers without warning. The hacker group replaced the Homepage of the website for just a few hours with an Anonymous Palestine , homepage titled " You Got Pwned " and the defacement message says: Hello Lease Web Who Are You ? Who is but the form following the function of what and what are you is a hosting company with no security KDMS Team : Well ,, We Can See That :P We noticed that Attacker has just changed the DNS server to point the Domain to another server at 67.23.254.6, owned by the attacker. At the time of writing, Leaseweb team resolved the issue and get their Domain back to the original server . But because the hac
Cybersecurity Resources