#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

DNS nameserver | Breaking Cybersecurity News | The Hacker News

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

Apr 17, 2019
A cybersecurity professional today demonstrated a long-known unpatched weakness in Microsoft's Azure cloud service by exploiting it to take control over Windows Live Tiles , one of the key features Microsoft built into Windows 8 operating system. Introduced in Windows 8, the Live tiles feature was designed to display content and notifications on the Start screen, allowing users to continuously pull up-to-date information from their favorite apps and websites. To make it easier for websites to offer their content as Live Tiles, Microsoft had a feature available on a subdomain of a separate domain, i.e., " notifications.buildmypinnedsite.com ," that allowed website admins to automatically convert their RSS feeds into a special XML format and use it as a meta tag on their websites. The service, which Microsoft had already shut down, was hosted on its own Azure Cloud platform with the subdomain configured/linked to an Azure account operated by the company. However,
Algerian Hacker hijack Romanian Google and Yahoo Domain

Algerian Hacker hijack Romanian Google and Yahoo Domain

Nov 28, 2012
Algerian Hacker today hijack DNS Yahoo, Microsoft or Google and Paypal redirect users to a deface page. Credit being taken by Hacker going by name MCA-CRB , a serial website defacer. MCA-CRB is a prolific online graffiti artist who has defaced at least 5,000 sites, according to records kept by Zone-H. After Hijacking both domains resolve to an IP address located in the Netherlands," at 95.128.3.172 (server1.joomlapartner.nl). " When we heard about this incident, we were pretty skeptical about the attack. A site such as Google's can be theoretically hacked, but it is very unlikely. Then we noticed that both domains were directed to an IP address in the Netherlands […], so it seemed more like a DNS poisoning attack ," said Stefan Tanase from Kaspersky Lab Romania. " All we know is that Google's public DNS servers (8.8.8.8 and 8.8.4.4) were resolving requests for google.ro and other major .RO websites to the IP address hosting the defacement page ," Tanase said. Google
cyber security

external linkeBook: 3 Steps to Implement Zero Trust Access

websitewww.cyolo.ioZero Trust Security
Streamline your zero-trust access journey with three simple steps for high-risk, remote, and hybrid users.
Google Ireland and Yahoo Domains Hijacked

Google Ireland and Yahoo Domains Hijacked

Oct 11, 2012
Irish websites Google.ie and Yahoo.ie went offline on Tuesday afternoon after their DNS servers were apparently hijacked to point to those of a third party, resulting in visitors being redirected to an 'allegedly fraudulent' address - farahatz.net. That site has now been taken offline, but it is not known whether the site could have been created with malicious intent. A short note on the homepage of the IE Domain Registry said the move followed a " security incident on Tuesday 9th October, involving two high profile .ie domains that has warranted further investigation and some precautionary actions on the part of the IEDR ." The IE Domain Registry have requested assistance from the Garda Bureau of Fraud Investigation. There was an unauthorised access to one registrar's account [MarkMonitor] which resulted in the change to the DNS nameserver records for the two .ie domains. The IEDR worked with the registrar to ensure that the nameserver records were rese
Cybersecurity Resources