Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Monday, July 07, 2008
The ICANN Responds to the DNS Hijacking, Its Blog Under Attack
Last week, the ICANN has issued an official statement regarding last month's DNS hijackings of some of their domains :
"The DNS redirect was a result of an attack on ICANN's registrar's systems. A full, confidential, security report from that registrar has since been provided to ICANN with respect to this attack.
It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused. The redirect was noticed and corrected within 20 minutes; however it may have taken anywhere up to 48 hours for the redirect to be entirely removed from the Internet. ICANN is confident that the lessons learned and new security measures since introduced will ensure there is not a repeat of this situation in future."
They also mentioned that their Wordpress blog has also been a target of a recent attack automatically exploiting vulnerable Wordpres blogs :
"In a separate and unrelated incident a few days later, attackers used a very recent exploit in popular blogging software Wordpress to target the ICANN blog. The attack was noticed immediately and the blog taken offline while an analysis was run. That analysis pointed to an automated attack. The blogging software has since been patched and no wider impact (except the disappearance of the blog while the analysis was carried out) was noted."
Go through the complete coverage of the incident, the technical details regarding it, and the actionable intelligence obtained for the NetDevilz hacking group, in case you haven't done so already.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment