Tag Archives: DNS

CISA’s Christopher Krebs Issues Emergency Directive on Windows Server Security Updates

Christopher Krebs

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA) and a 2020 Wash100 Award recipient, is mandating agencies to update their Domain Name System-based (DNS) Windows servers following reports of new cyber threats.

Read More »

Michael Duffy on Agencies’ Compliance With DHS Directive on DNS Tampering Campaign

Michael Duffy of the Department of Homeland Security said there are only “a handful” of agencies that still need to comply with the requirements of an emergency directive that DHS released in January to address Domain Name System tampering activities, FCW reported Friday. Duffy, acting deputy director of DHS’ federal network resilience division, said during a Thursday meeting of the Information Security and Privacy Advisory Board that those agencies deal with "external dependencies" on DNS providers that make the process challenging to adopt multifactor authentication.

Read More »

Christopher Krebs Explains Rationale Behind CISA’s Directive on DNS Tampering Campaign

Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has explained the reason behind CISA’s move to release its first emergency directive about Domain Name System tampering activities. Reports from FireEye and Cisco Talos revealed that malicious actors gained access to accounts that regulated DNS records and “made them resolve to their own infrastructure before relaying it to the real address,” Krebs wrote in a blog post published Thursday.
 

Read More »

Reports: US Authorities Examine Cyber Attack on DNS Provider Dyn

U.S. authorities are investigating a distributed-denial-of-service attack that hit internet performance management company Dyn‘s managed domain name system infrastructure, USA Today reported Friday. Eli Blumenthal and Elizabeth Weise write that Amazon, Twitter, Spotify, Netflix and PayPal were among the websites hobbled by the DDoS attack on the Dyn service Friday. The report said security experts believe the source of attack …

Read More »

Lawrence Strickling: NTIA Will Let IANA Contract Expire on October 1

The National Telecommunications and Information Administration will not renew its Internet Assigned Numbers Authority functions contract with the Internet Corporation for Assigned Names and Numbers after the pact expires on October 1. NTIA Administrator Lawrence Strickling wrote in a blog post published Tuesday ICANN reported that it has completed or will complete tasks for the …

Read More »