U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ICANN warns of large-scale attacks on Internet infrastructure

Large-scale attacks are threatening the global Internet infrastructure, the alarm was launched by the Internet Corporation for Assigned Names and Numbers (ICANN). After an emergency meeting, the Internet Corporation for Assigned Names and Numbers (ICANN) confirmed that the global Internet infrastructure is facing large-scale attacks. ICANN warns of “an ongoing and significant risk” to key […]

Agentic AI Artificial Intelligence incident response Bind

Large-scale attacks are threatening the global Internet infrastructure, the alarm was launched by the Internet Corporation for Assigned Names and Numbers (ICANN).

After an emergency meeting, the Internet Corporation for Assigned Names and Numbers (ICANN) confirmed that the global Internet infrastructure is facing large-scale attacks.

ICANN warns of “an ongoing and significant risk” to key components of the Internet infrastructure.

“The Internet Corporation for Assigned Names and Numbers (ICANN) believes that there is an ongoing and significant risk to key parts of the Domain Name System (DNS) infrastructure. ” reads the ICANN’s announcement.

“They are going after the internet infrastructure itself,” ICANN chief technology officer David Conrad told AFP.

“There have been targeted attacks in the past, but nothing like this.”

Even if the attacks date back to 2017, in recent weeks the experts observed a spike in the malicious activities against the Internet infrastructure, threat actors are targeting the Domain Name System or DNS which are responsible for traffic rounting.

According to the ICANN, threat actors aim at snooping and hijacking traffic, for this reason, it is necessary the hardening of the Internet infrastructure.

“There isn’t a single tool to address this,” Conrad said.

Internet Infrastructure

At the end of January, the DHS issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e. .gov) to prevent DNS hijacking attacks.

The notice was issued by the DHS and links the emergency directive 
Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”

Earlier January, security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According to the experts, the campaign is carried out, with “moderate confidence,” by APT groups linked to the Iranian Government.

These malicious activities could allow attackers to carry out cyber espionage campaign or temporarily break portions of the Internet.

ICANN urged implementation of DNSSEC technology to prevent traffic hijacking. DNSSEC can also prevent internet users from being misdirected from intended websites, according to ICANN.

“In the context of increasing reports of malicious activity targeting the DNS infrastructure, ICANN is calling for full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names.” concludes the ICANN. “The organization also reaffirms its commitment to engage in collaborative efforts to ensure the security, stability and resiliency of the Internet’s global identifier systems.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ICANN, DNS hijacking)

[adrotate banner=”5″]

[adrotate banner=”13″]