DNS Security

DNS Security / News Briefs

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

New Zealand's .nz operator, InternetNZ, on Wednesday disclosed a vulnerability against authoritative DNS servers. The vulnerability called TsuNAME was first detected in February 2020 in the .nz registry and found that it could be exploited to carry out Denial-of-Service (DoS) attacks across the world. more

Security Researcher Dan Kaminsky Has Died

The celebrated security researcher, Dan Kaminsky, widely known for his work on discovering cruicisl DNS security flaws, Sony Rootkit infections and pupular talk at the Black Hat Briefings. more

PIR Launches New Institute to Combat DNS Abuse

Public Interest Registry (PIR), the non-profit operator of the .org top-level domain, today launched the DNS Abuse Institute, a centralized effort to combat DNS Abuse. In its news release, PIR said the Institute "will bring together leaders in the anti-abuse space to fund research, publish recommended practices, share data, and provide tools to identify and report DNS Abuse." more

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

The Internet Corporation for Assigned Names and Numbers organization (ICANN org) announced that all of the current 1,195 generic top-level domains (gTLDs) have deployed Domain Name System Security Extensions (DNSSEC). more

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

According to the company, the rollout will continue over the next few weeks to confirm that no major issues are discovered as this new protocol is enabled. more

Microsoft Announces Plans to Adopt DoH in Windows

Microsoft announced today its plans to adopt DNS over HTTPS (DoH) protocol in Windows and will also keep other options such as DNS over TLS (DoT) on the table for consideration. more

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

EFF's Senior Legislative Counsel, Ernesto Falcon, in a post on Monday has argued that major ISPs in the U.S. -- the likes of Comcast, AT&T;, and Verizon -- are aggressively influencing legislators to stop the deployment of DNS over HTTPS (DoH), "a technology that will give users one of the biggest upgrades to their Internet privacy and security since the proliferation of HTTPS." more

Leading Domain Registries and Registrars Release Joint Document on Addressing ‘DNS Abuse’

A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community.  more

The U.S. House Judiciary Committee Is Investigating Google’s Plans to Implement DNS Over HTTPS

The U.S. House Judiciary Committee is investigating Google's plans to implement DNS over HTTPS (DoH) in Chrome according to a report by the Wall Street Journal over the weekend. more

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

The DNS root servers were reported by Verisign to be under unexpected attack from name servers across the Internet following ICANN's recent changes to their cryptographic master keys. more

ICANN Makes Urgent Call for Full Deployment of Domain Name System Security Extensions (DNSSEC)

In light of increasing reports of malicious activity targeting the DNS infrastructure, ICANN is calling for the full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names. more

ISC Assesses DNS Flag Day

Everyone who participated in supporting DNS Flag Day initiative should feel they have accomplished something worth-while, says ISC's Vicky Risk. more

Global DNS Record Manipulation, Hijacking Campaign at Massive Scale Linked to Iran

A wave of DNS hijacking is reported to have affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. more

ICANN Facing Critical Choice for Plan to Change DNS Cryptographic Key

While the majority of ICANN's Security and Stability Advisory Committee (SSAC) have given the organization the green signal to roll, or change, the "top" pair of cryptographic keys used in the DNSSEC protocol, commonly known as the Root Zone KSK (Key Signing Key), five members of the committee advised against the October 11 rollover timeline. more