As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.
Savvy marketers, politicians, and publishers all capitalize on the public’s emotional response to these sorts of triggers. Their objectives vary. Inform readers/viewers? Possibly. Drive traffic and more clicks? Definitely.
First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.
Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.
Over the past decade, the use of “clickbait” ads has become the norm in order to entice viewers to click on the ad and drive traffic to a publisher. Web surfers have grown accustomed to seeing the same types of clickbait ads and sponsored stories like the ones shown below with sensational headlines about curing cancer, stopping aging, improving your sex life and more.
For the average web surfer, the URL bar provides a magical portal to the interwebz where anything that can be thought of can be entered—revealing the treasures of the internet at the stroke of ‘enter’. For the rest of us, we know it gets much more complicated than that as we slip down the rabbit hole and into OSI, DNS, TLS, HTTPS, subdomains…
I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?
Last week, we announced that we will be extending zveloDB™ URL categorization support to include eight (8) new categories. The new categories represent a number of emergent topics and threats including Cryptocurrency, Cryptocurrency Mining, Fake News, Terrorism, and more.
In an article on ITPro, Jeff Finn writes about how the state of IoT cybersecurity is reaching a tipping point, forcing IoT device manufacturers to work partners that excel at networking. “The writing on the wall for IoT device manufacturers is to get serious about security and develop fruitful channel partnerships with network technology providers.
Once you see this vulnerability in action, it’s easy to imagine how easily devices can be exploited. Simple vulnerability hacks and tactics such as this can be used in coordination with home routers, smart speakers, video surveillance equipment, and much more to create havoc.