DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 22nd April 2019
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default DNS hijacking campaign called Sea Turtle

DNS Hijacking Abuses Trust In Core Internet Service
Quote:
While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet.
[..]
Once these credentials were captured, the user would then be passed to the legitimate service. to evade detection, the actors performed "certificate impersonation," a technique in which the attacker obtained a certificate authority-signed X.509 certificate from another provider for the same domain imitating the one already used by the targeted organization. For example, if a DigiCert certificate protected a website, the threat actors would obtain a certificate for the same domain but from another provider, such as Let's Encrypt or Comodo. This tactic would make detecting the MitM attack more difficult, as a user's web browser would still display the expected "SSL padlock" in the URL bar.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
 

Tags
dns, dns hijacking, dnssec, x.509 certificate

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security iSpy:The CIA Campaign to Steal Apple’s Secrets J65nko News 5 17th March 2015 03:49 AM
Security Meet Mask, posssibly the most sophisticated malware campaign ever seen J65nko News 2 11th February 2014 02:16 PM
is that called a terminal? qmemo Off-Topic 1 20th May 2011 08:40 AM
hahaha noob mistake, file called -z... michaelrmgreen FreeBSD General 8 9th December 2008 12:12 AM


All times are GMT. The time now is 10:03 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick