Do you have a love/hate relationship with DNS and how it makes your life so interesting? If not, hopefully you aren't using one of the D-Link, ARG-W4, DSLink, Secutech or TOTOLINK routers listed in this article at Slashdot as it is bound to ruin your trust in DNS. Three distinct waves of attacks, late December 2018, early February 2019, and late March 2019 have been detected by Bad Packets and the attacks continue to this day.
Using some well known but as of yet patched exploits, hackers are changing the DNS server on those routers so they can easily and invisibly redirect you to cloned sites to harvest account info as you attempt to log into these faked sites. If you do have one of these routers, see about getting a firmware update from the manufacturer or your ISP … just don't do it from a machine connected to the router!
"Troy Mursch, founder and security researcher at internet monitoring firm Bad Packets, said he detected three distinct waves during which hackers have launched attacks to poison routers' DNS settings –late December 2018, early February 2019, and late March 2019. Attacks are still ongoing, he said today in a report about these attacks."
Here is some more Tech News from around the web:
- Google dissolves its AI ethics board after just one week @ The Inquirer
- VR modes coming to Super Mario Odyssey, Breath of the Wild on Nintendo Switch @ Ars Technica
- Xen 4.12 shrinks code, beefs up security, rethinks x86 support @ The Register
- Lend me your ears and AI will play with your brain: Machine voice imitators outsmart us @ The Register
- GPS “rollover” event on April 6 could have some side-effects @ Ars Technica
- Arozzi Arena Leggero Star Trek Edition Gaming Desk Review @ NikKTech
I’m assuming this means web
I’m assuming this means web pages are shown either as not https or invalid https on any modern browser?
I believe this is the perfect
I believe this is the perfect man-in-the-middle attack. Even if it’s https, as long as the attacker has a valid cert there’s no way for the user to know via the browser that they’re being f’ed
“Using some well known but as
“Using some well known but as of yet patched exploits,…”
Jeremy, Didya mean UN-patched?
They can be patched, but as
They can be patched, but as of yet the users or ISPs haven't.
Even so, what you wrote still
Even so, what you wrote still doesn’t make sense… :/