News Related to Internet

New DNS Rebinding Exposures

DNS Changer Working Group - Wed, 06/20/2018 - 16:19

Attackers with DNS Rebinding change the DNS server settings in your devices, home CPEs, and other network devices. The goal is to get them to use their DNS Resolver vs the one provided by your Operator (or one you select for a DNS security service). The miscreants (bad guys) will use malware, phishing, and other techniques to use your human controlled devices to change the DNS Resolver settings on your internal devices. This can be everything form your CPE (DNS Changer style) to your home control units, to all over devices in the home. This is a persistent attack vector that will resurge every time there is a new generation of “devices in the home” which have not been locked down and secured.

We have a several new exposure/vulnerability details from several authors. These are well-detailed explanations that help you understand the risk.

Much of the risk will be mitigated through the upgrade of software on devices to make it harder for malware to reset the DNS on these devices. We’ll add more detection, mitigation, and remediation details through the lifecycle of this wave of DNS Rebinding Notifications.

DNS Rebinding Articles and Blogs

(2018-06-19) Attacking Private Networks from the Internet with DNS Rebinding – TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home thermostats and more. by Brannon Dorsey

(2018-06-20) Google, Roku, Sonos to Fix DNS Rebinding Attack Vector by 

(2007-10-19) Protecting Browsers from DNS Rebinding Attacks (Original Paper)

(2018-06-19) MILLIONS OF STREAMING DEVICES ARE VULNERABLE TO A RETRO WEB ATTACK by 

(2018-03-11) Ethereum clients found to be vulnerable to DNS Rebinding attack by ARMIN DAVIS

 

TLP: WHITE

Version 1.0

The post New DNS Rebinding Exposures appeared first on DCWG.

Subscribe to SaKaEM Inc - PeopleSoft Practice aggregator - News Related to Internet