Dark Reading

Client-Side DNS Attack Emerges From Academic Research

The rise of speculative execution side-channel vulnerabilities is having an interesting side effect: More researchers from academia are finding their names in CVEs and bounty notices, and, in turn, ...
ZDNet

DNS cache poisoning attacks exploited in the wild

UPDATE: Arbor Networks have provided more details in their "30 Days of DNS Attack Activity" analysis, SANS confirmed HD Moore's statement on DNS cache poisoned AT&T DNS servers. Numerous independent ...
ZDNet

DNSpooq lets attackers poison DNS cache records

Security experts have disclosed today details about seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.
Bleeping Computer

DNS cache poisoning attacks return due to Linux weakness

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. The new discovery revives a 2008 bug that ...
Tidbits

DNS Clients Have Small Vector of Risk after Patch

The SANS Institute installed and tested out Apple’s fix for the underlying flaw in the domain name system (DNS) protocol, and found that a patched copy of Mac OS X 10.5 Leopard (the desktop version, ...
heise online

Zero trust at Microsoft: Windows receives zero-trust DNS client

The use of hyperscalers and their public cloud services in particular means that IP-based sets of rules only make limited sense. At the same time, DNS resolvers are distributed throughout the system ...