What was once a vague threat of eavesdropping, if you didn’t encrypt your email, has reached over into areas where many of us, from consumers to tech providers (of security hardware, no less) once felt fairly safe.
August 4, 2008 (IDG News Service) Nearly a month after a critical flaw in the Internet’s Domain Name System was first reported, vendors of some of the most widely used firewall software packages are scrambling to fix a problem that can essentially undo portions of the patches that address this bug.
Some firewall software undoes a source port randomization feature that was introduced in the DNS patches. While this change doesn’t completely negate the DNS patch, it could make it easier for attackers to pull off a cache-poisoning attack against the DNS server, security experts say.
This could lead to virtually undetectable phishing attacks against users of those DNS servers.
Security expert: DNS Attacks are Happening
Email – “Forgot your password? Send it to a hacker.”
what hackers are probing and leveraging…
…. when they’re not just trying to shut you down, wholesale…