Search results for DNS resolvers | Breaking Cybersecurity News | The Hacker News

Just a year after Mirai —biggest IoT-based malware that caused vast Internet outages by launching massive DDoS attacks—completed its first anniversary, security researchers are now warning of a brand new rapidly growing IoT botnet. Dubbed ' IoT_reaper ,' first spotted in September by researchers at firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits vulnerabilities in various IoT devices and enslaves them into a botnet network. IoT_reaper malware currently includes exploits for nine previously disclosed vulnerabilities in IoT devices from following manufactures: Dlink (routers) Netgear (routers) Linksys (routers) Goahead (cameras) JAWS (cameras) AVTECH (cameras) Vacron (NVR) Researchers believe IoT_reaper malware has already infected nearly two million devices and growing continuously at an extraordinary rate of 10,000 new devices per day. This is extremely worrying because it took only 100,000 infected devices

Patches Released for BIND Denial-of-service Vulnerability There's a new vulnerability in the popular BIND name server software that is causing various versions of the application to crash unexpectedly after logging a certain kind of error. The Internet Systems Consortium (ISC), an organization that maintains several software products critical for Internet infrastructure, has released a patch for an actively exploited denial-of-service vulnerability in the widely used BIND DNS server. The internet Systems Consortium (ISC) have described the problem as follows: An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure... Affected servers crashed after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset)) More details are available in their advisory . As of this posting, ISC had not revealed the underlying problem,

This new product provides IT and Security visibility into the risky SaaS apps employees are using.