[Servercert-wg] Ongoing DNS compromises
Geoff Keating
geoffk at apple.com
Tue Jan 22 18:47:48 MST 2019
Hi All!
I thought I’d draw your attention to
https://www.us-cert.gov/ncas/current-activity/2019/01/22/CISA-Emergency-Directive-DNS-Infrastructure-Tampering
https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html
This is not a new kind of attack but it seems to being used in a more sophisticated way than previously. It highlights the difference between ‘ability to change DNS’ and ‘control of the domain’.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3395 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190122/eef71cc6/attachment.p7s>
More information about the Servercert-wg
mailing list