Hackers Target Internet Address Bug to Disrupt Sites

Uploaded on 2015-08-14 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

software-bug-750x500.jpgThe bug targets systems which convert URLs into IP addresses.


Internet users could be affected by exploits that throw websites offline Hackers are exploiting a serious flaw in the Internet's architecture, according to a security firm.

The bug targets systems, which convert domain names into IP addresses. Exploiting it could threaten the smooth running of Internet services as it allows hackers to launch denial-of-service attacks on websites, potentially forcing them offline.

Regular Internet users are unlikely to be severely affected, however.

Bind is the name of a variety of Domain Name System (DNS) software used on the majority of Internet servers.

The recently identified bug allows attackers to crash the software, therefore taking the DNS service offline and preventing URLs, for example, from working. A patch for the flaw is already available, but many systems are yet to be updated.

The Internet Systems Consortium (ISC), which develops Bind, said in a tweet that the vulnerability was "particularly critical" and "easily exploited".

Daniel Cid, a networking expert at Sucuri has published a blog post on the vulnerability in which he explained that real exploits taking advantage of the flaw have already happened. He told the BBC: "A few of our clients, in different industries, had their DNS servers crashed because of it. Based on our experience, server software, like Bind, Apache, OpenSSL and others, do not get patched as often as they should."

Cybersecurity expert Brian Honan commented that a spike in exploits of the flaw was expected over the next few days. However, he added that websites would often still be accessible via other routes and cached addresses on DNS servers around the world, even when certain key DNS servers have been made to crash.

"It's not a doomsday scenario, it's a question of making sure the DNS structure can continue to work while patches are rolled out," he said. The impact on general Internet users is likely to be minimal, according to Mr Cid. "Average Internet users won't feel much pain, besides a few sites and email servers down," he said.
BBC: http://http://bbc.in/1DpQhd6

 

 

« Predictive Policing Technology Arrests
Switzerland & Austria Investigate Claims of Electronic Spying at Iran Talks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

Critical Infrastructures for Information and Cybersecurity (ICIC)

Critical Infrastructures for Information and Cybersecurity (ICIC)

ICIC addresses the demand for cybersecurity for National Public Sector organizations and civil and private sector organizations in Argentina.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

Enigmatos

Enigmatos

Enigmatos is an Israeli based Automotive Cyber Security company. We provide solutions to the ever growing threat of vehicle hacking.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Google for Startups

Google for Startups

Google for Startups is Google’s initiative to help startups thrive across every corner of the world.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

DatChat

DatChat

DatChat Inc. is a blockchain, cybersecurity, and social media company that focuses on protecting privacy on our devices and also protecting our information after we have shared it with others.

Dectar

Dectar

Dectar (formerly 4Securitas) is a cybersecurity company that provides solutions that predict, detect, defend and react against cybersecurity threats.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.