Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 4 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Easy to hack universal remote BIND DoS hole leaves DNS open to attack

by The Gurus
July 30, 2015
in Top 10 Stories
Share on FacebookShare on Twitter

Gird your loins internet: Attackers now have the ability to disrupt large swathes of the web through a remote denial of service vulnerability found in the most widely used software for DNS servers.
The BIND bug (CVE-2015-5477) patched overnight affects all DNS servers running the software, and can be attacked with ease.
In fact a researcher has already developed an attack capable of knocking servers offline with a single packet.
Internet Systems Consortium Michael McNally, lead investigator for the bug, says there are no workarounds other than to apply a patch. He expects attacks to happen soon.
“The practical effect of this is that this bug is difficult to defend against (except by patching, which is completely effective) and will not be particularly difficult to reverse-engineer,” McNally says.
“I have already been told by one expert that they have successfully reverse-engineered an attack kit from what has been divulged and from analysing the code changes, and while I have complete confidence that the individual who told me this is not intending to use his kit in a malicious manner, there are others who will do so who may not be far behind.”
Attackers can send a crafted DNS query packet to trigger a REQUIRE assertion failure, causing BIND to exit.
The bug is labeled a critical fix and “deserves that designation,” McNally says.
It stands out among other BIND bugs in that it affects almost all known BIND servers and cannot be mitigated without a patch. Firewalls will likely not help.
 
view the full story here

FacebookTweetLinkedIn
Tags: BINDBugcomputercoreroCPUCybercybersecurityDDoSDNSdosFirewallFlawHackHackerITit securityrisksecuritysystemicVulnVulnerabilityweakness
ShareTweetShare
Previous Post

Obama rolls out initiative to boost US supercomputer capability

Next Post

The StageFright Vulnerability: Maybe the greatest Android vulnerability (so far)

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information