LINK A new vulnerability in BIND was found. If you use BIND, time to read up.
LINK LINK 9 vulnerabilities were disclosed affecting numerous implementation of DNS in TCP\IP stacks. Many items in Industrial Control are used as well so take the time to examine this vulnerability against your devices.
In a nice document by the NSA, the illustrate the positives and negatives of the new trend for browsers to have DNS encryption thru the browser. For those in the enterprise my take on it is simple: You are the boss. Manage the DNS in your enterprise. Configure desktops/laptops/clients to not use and even try […]
SOFTWARE: DNSmasq SOFTWARE LINK(s): https://www.thekelleys.org.uk/dnsmasq/ CVEs: CVE-2020-25684, CVE-2020-25685, and CVE-2020-25686 NOTES: Dnsmasq versions 2.78 to 2.82 were all found to be affected by the three flaws. Researchers are calling it DNSpooqI have a Raspberry Pi running the AD killing software called Pi-Hole – Its running DNSmasq. Simply put, there is a good chance this vulnerability […]