US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers
The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network
Stay updated on DNS security with the latest news on threats, protection strategies, and expert insights into securing your domain systems.
Search across headline titles and summaries.
Background for this topic.
DNS is the distributed naming system that translates domain names into IP addresses and other service records. Its security matters because an attacker who compromises a registrar account, authoritative DNS server, or resolver can redirect users to an attacker-controlled service, disrupt access, or interfere with email and software updates. Forged replies and cache poisoning can produce similar redirection when validation is absent. DNS traffic can also carry command-and-control instructions or encoded data, although unusual queries require investigation rather than being treated as proof of compromise.
DNSSEC allows validating resolvers to authenticate signed DNS data, reducing spoofing and cache-poisoning risk; it does not encrypt queries or guarantee availability. Protect registrar and DNS-administration accounts with strong authentication and least privilege, restrict recursion and zone transfers, patch DNS software, and use redundant authoritative infrastructure. Monitor record changes, resolver errors, query volumes, and patterns such as long, frequently changing subdomains to support detection of hijacking, outages, or DNS tunneling.
Weekly headline count for the current query.
The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network
Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data
During Infosecurity Europe 2025, Nick Woodcraft, from the UK Government, shared his experience in implementing measures to protect domains within the .gov.uk DNS namespace
A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations
The Msupedge backdoor communicates with a command-and-control server by using DNS traffic
166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting
Volexity claims the StormBamboo group compromised an ISP to push malicious software updates to customers
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication
Infoblox said Savvy Seahorse uses fake ChatGPT and WhatsApp bots to lure victims
Local authorities urged to sign up today
Decoy Dog used DNS for C2 and is suspected to be employed in ongoing nation-state cyber-attacks
The new feature can infiltrate WiFi routers and undertake DNS hijacking
Digital transformation and remote working take their toll