Timely - I just received this alert this morning, warning of a critical DNS vulnerability that could cause widespread internet disruptions:
Title: DNS Server Vulnerability: Single DNS Packet Can Bring Down The System
Source: GB Hackers
Date Published: February 15, 2024
Excerpt:
"A new flaw has been discovered in DNSSEC, which, when exploited by threat actors, could result in the unavailability of technologies such as web browsing, email, and instant messaging. This new class of attacks has been termed “KeyTrap” by researchers.
Moreover, a threat actor could completely disable large parts of the worldwide internet. KeyTrap attacks affect not only DNS but also the applications using it. The “KeyTrap” class of attacks has been assigned with CVE-2023-50387, and the severity is yet to be categorized. As of December 2023, 31.47% of the web clients used DNSSEC-validating DNS resolvers worldwide."
Timely - I just received this alert this morning, warning of a critical DNS vulnerability that could cause widespread internet disruptions:
Title: DNS Server Vulnerability: Single DNS Packet Can Bring Down The System Source: GB Hackers Date Published: February 15, 2024 Excerpt:
"A new flaw has been discovered in DNSSEC, which, when exploited by threat actors, could result in the unavailability of technologies such as web browsing, email, and instant messaging. This new class of attacks has been termed “KeyTrap” by researchers.
Moreover, a threat actor could completely disable large parts of the worldwide internet. KeyTrap attacks affect not only DNS but also the applications using it. The “KeyTrap” class of attacks has been assigned with CVE-2023-50387, and the severity is yet to be categorized. As of December 2023, 31.47% of the web clients used DNSSEC-validating DNS resolvers worldwide."
To read the complete article see:
https://gbhackers.com/critical-dnssec-flaw/