Domain Name System | Breaking Cybersecurity News | The Hacker News

Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider  said  that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647  (CVSS score: 7.5) - A deserialization flaw in the Google Gson package impacting Patch Management in Jira Service Management Data Center and Server CVE-2023-22512  (CVSS score: 7.5) - A DoS flaw in Confluence Data Center and Server CVE-2023-22513  (CVSS score: 8.5) - A RCE flaw in Bitbucket Data Center and Server CVE-2023-28709  (CVSS score: 7.5) - A DoS flaw in Apache Tomcat server impacting Bamboo Data Center and Server The flaws have been addressed in the following versions - Jira Service Management Server and Data Center (versions 4.20.25, 5.4.9, 5.9.2, 5.10.1, 5.11.0, or later) Conflue...

A deeper analysis of a recently discovered malware called  Decoy Dog  has revealed that it's a significant upgrade over the  Pupy RAT , an open-source remote access trojan it's modeled on. "Decoy Dog has a full suite of powerful, previously unknown capabilities – including the ability to move victims to another controller, allowing them to maintain communication with compromised machines and remain hidden for long periods of time," Infoblox  said  in a Tuesday report. "Some victims have actively communicated with a Decoy Dog server for over a year." Other new features allow the malware to execute arbitrary Java code on the client and connect to emergency controllers using a mechanism that's similar to a traditional DNS domain generation algorithm ( DGA ), with the Decoy Dog domains engineered to respond to replayed DNS queries from breached clients. "Decoy Dog has added functionality not available in Pupy," Dr. Renée Burton, head of threat...

Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS ( DoT ), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to DNS-over-HTTPS ( DoH ), a mechanism for carrying out remote Domain Name System (DNS) resolution through an encrypted connection, effectively preventing third parties from snooping on users' browsing activities. HTTP/3 , the first major upgrade to the hypertext transfer protocol since HTTP/2 was introduced in May 2015, is designed to use a new transport layer protocol called  QUIC  that's already supported by major browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. The low-latency protocol, developed by Google in 2012, relies on the User Datagram Pro...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

At present, web applications have become the top targets for attackers because of potential monetization opportunities. Security breaches on the web application can cost millions. Strikingly, DNS (Domain Name System) related outage and Distributed denial of service (DDoS) lead a negative impact on businesses. Among the wide range of countermeasures, a web application firewall is the first line of defense. Web Application Firewall's basic function is to establish a hardened boundary to prevent certain malicious traffic types from acquiring resources. Though WAFs have been available since the late nineties, this early generation technology is no match for recent sophisticated cyber-attacks. They are not capable enough to offer full application control and visibility. With these increasing security risks, the new age web application firewall is the only solution that can provide proper protection. Traditional WAFs Died Or At Least Dying In the early days, web apps were less common...

Cloudflare, a well-known Internet performance and security company, announced the launch of 1.1.1.1 —world's fastest and privacy-focused secure DNS service that not only speeds up your internet connection but also makes it harder for ISPs to track your web history. Domain Name System (DNS) resolver, or recursive DNS server, is an essential part of the internet that matches up human-readable web addresses with their actual location on the internet, called IP addresses. For example, when you try to open a website, say thehackernews.com, your DNS looks up for the IP address linked to this domain name and load the site. Since the default DNS services provided by ISPs are often slow and insecure, most people rely on alternative DNS providers—such as OpenDNS (208.67.222.222), Comodo DNS (8.26.56.26) and Google (8.8.8.8), to speed up their Internet. But if you use Cloudflare new 1.1.1.1 DNS service , your computer/smartphone/tablet will start resolving domain names within a bla...