New DNS Flaw Enables ‘Nation-State Level Spying’ on Companies

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

 

Researchers discovered a new category of DNS vulnerabilities hitting major DNS-as-a-Service (DNSaaS) providers, which may enable attackers to get access to sensitive data of company networks. 
DNSaaS providers (also referred to as managed DNS providers) rent DNS to other businesses who don’t want to maintain and protect yet additional network resources on their own. 
These DNS vulnerabilities, as disclosed by cloud security firm Wiz researchers Shir Tamari and Ami Luttwak at the Black Hat security conference, grant threat actors nation-state intelligence harvesting powers with simple domain registration. 
As per the description, they simply created a domain and utilized it to hijack a DNSaaS provider’s nameserver (in this instance, Amazon Route 53), permitting them to eavesdrop on dynamic DNS traffic streaming from Route 53 users’ networks. 
The Wiz researchers stated, “We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google,” 
“The dynamic DNS traffic we ‘wiretapped’ came from over 15,000 organizations, including Fortune 500 companies, 45 U.S. government agencies, and 85 international government agencies.” 
Employee/computer identities and locations and extremely sensitive data about organizations’ infrastructure, such as Internet-exposed network equipment, were among the

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: New DNS Flaw Enables ‘Nation-State Level Spying’ on Companies