cache

DNS cache poisoning spotted at China Netcom

Paul Mah — Fri, 22 Aug 2008 11:52:28 -0400

China Netcom (CNC), one of China's largest Internet service providers (ISP), had the cache of its primary DNS server poisoned to redirect certain common typos to a malicious site. Now, it is relatively common for mistyped domain names to be redirected by ISPs to a placeholder site with advertisements as an additional revenue source for them. In this case though, customers of this prominent ISP are forwarded to a website under the control of an attacker. According to Websense's Security Labs alert, the site is rigged with malicious iFrame code to exploit known vulnerabilities in RealPlayer, MS06-014, Flash Player and Microsoft Snapshot Viewer.

To read up more about this story:
- check out this Websense alert

DNS attacks are draining corporate IT coffers

Wed, 18 Jul 2007 20:01:38 -0400

Attacks on companies' Domain Name System (DNS) servers are causing CIOs to spend a considerable amount of time and money to deploy complex security measures to keep their sites protected from malicious attackers. And according to NetworkWorld, despite this investment, companies are still vulnerable. In a study of 465 IT and business professionals, more than half the respondents reported having fallen victim to some form of malware attack. Over a third were hit by a denial-of-service (DoS) attack, and more than 44 percent had experienced a pharming or cache-poisoning attack. External and internal DNS servers were equally vulnerable: Both types succumbed to attacks with roughly the same frequency, according to the study by Mazerov Research and Consulting. A DNS server compromised by a hacker could be used to funnel Web surfers to all sorts of phishing attacks and malicious Web sites, and in some cases could even cause havoc with directory services and email.

For more on DNS attacks:
- check out this Network World article

Sometimes hackers are the good guys…

Wed, 31 Jan 2007 19:01:38 -0500

Although you might be tempted to consider all hackers scourges of society, there is one subset of hacker that is actually doing you a favor by trying to break into your system. It's the job of these professionals, called ethical hackers, to find security holes before real hackers find them, protecting your company and its data in the process. To ensure that you find a reputable ethical hacker, make sure you run a thorough background check and make sure the candidate understands sophisticated hacking techniques such as DNS host identification abuse, cache poisoning, password cracking, spoofing, SSL session hijacking and malicious log editing.

Read on for more information on how to hire an ethical hacker:
- Read the article at RedmondMag.com

Server cache can harbor malicious code

Wed, 11 Oct 2006 20:01:38 -0400

Every week seems to bring a new security alert about a risk factor that requires attention. The latest is "infection-by-proxy" code that can stay buried in server caches for weeks, adding a new element of risk to websites and web-based data. As security experts explain, caching technology used by search engines, ISPs and big companies can house certain kinds of malicious code even after a hosted site has been closed. A report by security vendor McAfee last spring noted that search engines are viewed as a major venue for the spread of malware and the cache issue doubles that threat.

For more on the cache code risk:
- read the news at Techworld