ICT Security-Sécurité PC et Internet
87.1K views | +0 today
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Encrypted DNS Could Help Close the Biggest Privacy Gap on the Internet. Why Are Some Groups Fighting Against It? | #CyberSecurity 

Encrypted DNS Could Help Close the Biggest Privacy Gap on the Internet. Why Are Some Groups Fighting Against It? | #CyberSecurity  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.eff.org - September 13, 2019 5:32 PM

Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption.

Because of this, anyone along the path from your network to your DNS resolver (where domain names are converted to IP addresses) can collect information about which sites you visit. This means that certain eavesdroppers can still profile your online activity by making a list of sites you visited, or a list of who visits a particular site. Malicious DNS resolvers or on-path routers can also tamper with your DNS request, blocking you from accessing sites or even routing you to fake versions of the sites you requested.

 

Learn more / en Savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=EFF

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=DNS

 

Gust MEES's insight:

Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption.

Because of this, anyone along the path from your network to your DNS resolver (where domain names are converted to IP addresses) can collect information about which sites you visit. This means that certain eavesdroppers can still profile your online activity by making a list of sites you visited, or a list of who visits a particular site. Malicious DNS resolvers or on-path routers can also tamper with your DNS request, blocking you from accessing sites or even routing you to fake versions of the sites you requested.

 

Learn more / en Savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=EFF

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=DNS

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Google, Red Hat discover critical DNS security flaw that enables malware to infect entire internet | CyberSecurity | #GlibC

Google, Red Hat discover critical DNS security flaw that enables malware to infect entire internet | CyberSecurity | #GlibC | ICT Security-Sécurité PC et Internet | Scoop.it
From www.ibtimes.co.uk - February 25, 2016 9:40 AM
Google and enterprise software firm Red Hat have discovered a critical security flaw affecting the Internet's Domain Name System (DNS), found in a universally used protocol. This means an attacker could use it to infect almost everything on the entire internet. With the flawed code spread far and wide, it will likely take years of effort to patch the bug.

Google and Red Hat engineers both independently discovered the DNS bug within the GNU C standard library (glibc), which has been assigned CVE-2015-7547, and then worked together to create a patch. The security vulnerability works by tricking browsers into looking up suspicious domains, which causes servers to reply with DNS names that are far too long, thus causing a buffer overflow in the victim's software.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


Gust MEES's insight:
Google and enterprise software firm Red Hat have discovered a critical security flaw affecting the Internet's Domain Name System (DNS), found in a universally used protocol. This means an attacker could use it to infect almost everything on the entire internet. With the flawed code spread far and wide, it will likely take years of effort to patch the bug.

Google and Red Hat engineers both independently discovered the DNS bug within the GNU C standard library (glibc), which has been assigned CVE-2015-7547, and then worked together to create a patch. The security vulnerability works by tricking browsers into looking up suspicious domains, which causes servers to reply with DNS names that are far too long, thus causing a buffer overflow in the victim's software.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


more...
No comment yet.
Sign up to comment
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

LinkedIn DNS hijacked, site offline • The Register

LinkedIn DNS hijacked, site offline • The Register | ICT Security-Sécurité PC et Internet | Scoop.it
From www.theregister.co.uk - June 20, 2013 4:27 AM

LinkedIn is working on its right-on-the-ball-with-security reputation, this time letting slip its domain details.

 

According to this App.net post:

 

“LinkedIn just got DNS hijacked, and for the last hour or so, all of your traffic has been sent to a network hosted by this company [confluence-networks.com]. And they don't require SSL, so if you tried to visit, your browser sent your long-lived session cookies in plaintext.” (User @berg)

Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=LinkedIn

 

more...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Massive DDoS attack against anti-spam provider impacts millions of internet users

Massive DDoS attack against anti-spam provider impacts millions of internet users | ICT Security-Sécurité PC et Internet | Scoop.it
From nakedsecurity.sophos.com - March 28, 2013 10:07 AM
The largest recorded DDoS attack has been ongoing for over eight days now, causing slowdowns and errors throughout the internet. Is this a one time scenario or does this expose a greater weakness i...
Gust MEES's insight:

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=DNS-HACK

 

more...
Scooped by Gust MEES
Scoop.it!

Une des pires cyberattaques affecte actuellement internet

Une des pires cyberattaques affecte actuellement internet | ICT Security-Sécurité PC et Internet | Scoop.it
From www.wort.lu - March 28, 2013 8:45 AM
Une cyberattaque ciblant une entreprise européenne recensant les spams est l'une des plus importantes jamais vues à ce jour, un expert a même assuré qu'elle affectait le fonctionnement du réseau internet.
Gust MEES's insight:

 

Les pirates ont visé Spamhaus, un groupe basé à Genève qui publie des «listes noires» d'adresses de spams dont se servent les messageries pour filtrer les courriels indésirables.

 

L'attaque a surchargé le réseau mondial, ce qui a vraisemblablement eu des répercussions sur internet, selon Matthew Prince, de la société américaine de sécurité informatique CloudFlare.

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=DNS-HACK

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

BlackWallet cryptocurrency site loses users’ money after DNS hijack | #CyberSecurity #Cybercrime #NobodyIsPerfect

BlackWallet cryptocurrency site loses users’ money after DNS hijack | #CyberSecurity #Cybercrime #NobodyIsPerfect | ICT Security-Sécurité PC et Internet | Scoop.it
From nakedsecurity.sophos.com - January 18, 2018 9:48 AM
Another site in the booming cryptocurrency wallet sector has been hacked after what looks like a DNS hijacking attack.

The victim this time is BlackWallet, whose users reportedly lost 670,000 of a currency called Stellar Lumens (XLMs) worth around $425,000 at the point they were stolen on the afternoon of 13 January.

News that something was amiss first emerged in a Reddit posting claiming to be from the site’s admin:

BlackWallet was compromised today, after someone accessed my hosting provider account. I am sincerely sorry about this and hope that we will get the funds back.

A security researcher who took a look at blackwallet.co before it was taken down tweeted:

The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

Gust MEES's insight:
Another site in the booming cryptocurrency wallet sector has been hacked after what looks like a DNS hijacking attack.

The victim this time is BlackWallet, whose users reportedly lost 670,000 of a currency called Stellar Lumens (XLMs) worth around $425,000 at the point they were stolen on the afternoon of 13 January.

News that something was amiss first emerged in a Reddit posting claiming to be from the site’s admin:

BlackWallet was compromised today, after someone accessed my hosting provider account. I am sincerely sorry about this and hope that we will get the funds back.

A security researcher who took a look at blackwallet.co before it was taken down tweeted:

The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

LinkedIn confirms it suffered a one hour outage due to a ‘DNS issue’

LinkedIn confirms it suffered a one hour outage due to a ‘DNS issue’ | ICT Security-Sécurité PC et Internet | Scoop.it
From thenextweb.com - June 20, 2013 5:46 AM
Business-focused social network LinkedIn is continuing to recover from a DNS error that took the site offline for an hour. The outage began when the popular service's homepage was replaced ...
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=LinkedIn

 

more...
Gust MEES's curator insight, June 20, 2013 5:48 AM

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=LinkedIn

 
Jason Toy's curator insight, June 20, 2013 6:34 AM

Anytime a social media exchange such as this goes dark..questions will be asked
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Gigantische DDoS-Attacke: Spam-Streit bremst das Internet

Gigantische DDoS-Attacke: Spam-Streit bremst das Internet | ICT Security-Sécurité PC et Internet | Scoop.it
From www.spiegel.de - March 28, 2013 10:36 AM
Im Internet ist der Streit zwischen einer Organisation zur Spam-Bekämpfung und einer niederländischen Firma eskaliert. Eine gigantische DDoS-Attacke auf die Spamhaus-Gruppe bremste offenbar den Verkehr im gesamten Internet.
Gust MEES's insight:

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=DNS-HACK

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Spamhaus attacks expose huge open DNS server dangers

Spamhaus attacks expose huge open DNS server dangers | ICT Security-Sécurité PC et Internet | Scoop.it
From www.computerworld.com - March 28, 2013 9:10 AM
Massive distributed denial of service attacks on Spamhaus this week focused widespread attention on the huge security threats posed by millions of poorly configured Internet Domain Name System servers.
Gust MEES's insight:

 

A MUST read, great article who explains in detail...

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=DNS-HACK

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn