 |
Search
Engine Optimisation Web Log (BLOG)
Editor: Matt
Paines
| This News Blog is
dedicated to bringing news, information and innovations targeting the
Search Engine Optimisation industry.
Serious DNS bug sparks phishing fears
Major technology companies have been running security updates en masse to prevent hackers exploiting a newly detected vulnerability in the internet's domain name system (DNS).
The flaw, had it remained undetected, could have been exploited by criminals to poison a vulnerable DNS cache in order to redirect users to phishing sites.
American internet security specialist, Dan Kaminsky, discovered the glitch and has since been helping leading technology companies such as Cisco and Microsoft to address the issue.
He described the coordinated effort as the largest synchronised security update in the history of the internet.
The domain name system maps recognisable website addresses to their real numerical IP addresses, and by hijacking the system hackers would have been able to surreptitiously redirect users even if they had carefully entered the correct address.
The US Computer Emergency Readiness Team (CERT) refused to rule out the possibility of future security breaches.
It said that it was important to note that without changes to the DNS protocol, these mitigations could not completely prevent cache poisoning.
However, it added, if properly implemented, they reduced the chances of success for an attacker by several orders of magnitude and made attacks impractical.
Comment:
|
 |
|
| |
 JOIN
THE MAILING
LIST | |
 | | |
| | If
you'd like to receive occasional updates on what's happening in the world of Search
Engine Optimisation, then please give us your e-mail address | |
| | Your
privacy | |
| |
| |
| | |
|
