Security Affairs
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

BIND Flaws exploited in DNS server attacks

Recently we reported a new vulnerability affecting Bind, now experts at Sucuri confirmed that the flaw is being exploited in DNS server attacks. A few days ago we wrote about the BIND software flaws that were discovered, affecting important companies, and last week a patch was released for the denial-of-service flaw (CVE-2015-5477), which was affecting […]

BIND Flaws exploited in DNS server attacks

Recently we reported a new vulnerability affecting Bind, now experts at Sucuri confirmed that the flaw is being exploited in DNS server attacks.

A few days ago we wrote about the BIND software flaws that were discovered, affecting important companies, and last week a patch was released for the denial-of-service flaw (CVE-2015-5477), which was affecting all versions of BIND 9.

The flaw can be exploited by sending a malformed packet to the vulnerable server, which when receives it will crash.

The vulnerability could be exploited by attackers to crash both authoritative and recursive DNS servers.

Researchers were predicting that attackers were going to try to exploit the flaw, and today we can officially confirm it.

“We can confirm that the attacks have begun,”, “DNS is one of the most critical parts of the Internet infrastructure, so having your DNS go down, it also means your email, HTTP and all other services will be unavailable.” wrote David Cid, founder of security company Sucuri.

bind flaw 2

Everyone is advised to patch his DNS servers since there is no workaround, and the only way to really stop the attacks is the installation of the patch.

“All major Linux distributions (Redhat, Centos, Ubuntu, etc) have already provided patches for it and a simple “yum update” on Redhat/Centos or “apt-get update” on Debian-based systems will get you protected. Remember though, for the change to take affect you must restart BIND after the update.”

If you run your own DNS server and want to check if you are being targeted, you need to look for “ANY TKEY” in your DNS logs:

Aug 2 10:32:48 dns named[2717]: client a.b.c.d#42212 (foo.bar): view north_america: query: foo.bar ANY TKEY + (x.y.z.zz)

Here is the tip, so please patch your DNS servers.

Elsio Pinto (@high54security) is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Edited by Pierluigi Paganini

(Security Affairs – BIND,  hacking)