all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MaginotDNS: Attacking the Boundary of DNS Caching Protection

Add to bookmarks
Jan. 5, 2024, 5:50 p.m. | Black Hat

Black Hat www.youtube.com

MaginotDNS is a powerful cache poisoning attack against DNS servers that simultaneously act as forwarder and recursive resolver (termed as CDNS). The attack is made possible by exploiting vulnerabilities in the bailiwick checking algorithms, one of the cornerstones of DNS security since the 1990s, and affects multiple versions of popular DNS software, including BIND and Microsoft DNS. Through field tests, we find that the attack is potent, allowing attackers to take over entire DNS zones, even including Top-Level Domains (e.g., …

act algorithms attack cache cache poisoning dns dns security exploiting poisoning popular protection resolver security servers software vulnerabilities

Visit resource

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 5 days, 7 hours ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 3 weeks, 3 days ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 3 weeks, 3 days ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 3 weeks, 3 days ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 4 days ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 4 days ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 4 weeks, 1 day ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 4 weeks, 1 day ago | www.youtube.com
analysis ask bad codeql +10
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 1 month ago | www.youtube.com
attacks call cloudflare detection +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

DevSecOps Engineer

@ Material Bank | Remote
View on infosec-jobs.com

Instrumentation & Control Engineer - Cyber Security

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Consultant

@ Tenable | MD - Columbia - Headquarters
View on infosec-jobs.com

Management Consultant - Cybersecurity - Internship

@ Wavestone | Hong Kong, Hong Kong
View on infosec-jobs.com

TRANSCOM IGC - Cybersecurity Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States
View on infosec-jobs.com

Manager, Security Operations Engineering (EMEA)

@ GitLab | Remote, EMEA
View on infosec-jobs.com
View more jobs