DTX Manchester DTX Manchester
  • About Us
Thursday, 21 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Easy to hack universal remote BIND DoS hole leaves DNS open to attack

by The Gurus
July 30, 2015
in Top 10 Stories
Share on FacebookShare on Twitter

Gird your loins internet: Attackers now have the ability to disrupt large swathes of the web through a remote denial of service vulnerability found in the most widely used software for DNS servers.
The BIND bug (CVE-2015-5477) patched overnight affects all DNS servers running the software, and can be attacked with ease.
In fact a researcher has already developed an attack capable of knocking servers offline with a single packet.
Internet Systems Consortium Michael McNally, lead investigator for the bug, says there are no workarounds other than to apply a patch. He expects attacks to happen soon.
“The practical effect of this is that this bug is difficult to defend against (except by patching, which is completely effective) and will not be particularly difficult to reverse-engineer,” McNally says.
“I have already been told by one expert that they have successfully reverse-engineered an attack kit from what has been divulged and from analysing the code changes, and while I have complete confidence that the individual who told me this is not intending to use his kit in a malicious manner, there are others who will do so who may not be far behind.”
Attackers can send a crafted DNS query packet to trigger a REQUIRE assertion failure, causing BIND to exit.
The bug is labeled a critical fix and “deserves that designation,” McNally says.
It stands out among other BIND bugs in that it affects almost all known BIND servers and cannot be mitigated without a patch. Firewalls will likely not help.
 
view the full story here

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: BINDBugcomputercoreroCPUCybercybersecurityDDoSDNSdosFirewallFlawHackHackerITit securityrisksecuritysystemicVulnVulnerabilityweakness
ShareTweetShare
Previous Post

Obama rolls out initiative to boost US supercomputer capability

Next Post

The StageFright Vulnerability: Maybe the greatest Android vulnerability (so far)

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Instagram notification symbol in neon lights, with a white heart and a white 0 next to it

Social Media Fails to Monitor Extremist Content

January 21, 2021
The purpose of this image is to portray security through a key attached to what looks like a memory card.

Biden Administration to put Stronger Emphasis on Cyber Security

January 21, 2021
scrabble letters spelling out "Scam Alert"

Phishing Scam Exposes Stolen Passwords

January 21, 2021
Close up image of the sun/a star.

How did SolarWind Hackers evade Detection?

January 21, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept