Skip to main content
  1. Home
  2. Computing
  3. News

Hackers begin attack using simple web flaw which affects most of the Internet

By

Hacker
hamburg_berlin/Shutterstock
Last week reports began to appear that a new vulnerability had been found in the Bind DNS server software. It was said to be such a simple denial of service exploit, and one that could affect so many different servers around the world, that unless those responsible for keeping systems updated patched it in short order, many of the most popular Internet destinations could be downed. It’s now just a few days later, and attacks have already begun.

“Because of its severity we’ve been actively monitoring to see when the exploit would be live,” Daniel Cid, founder and CTO of security firm Sucuri said in a blog post. He went on to point out that with the DNS server being such a major component of the Internet’s infrastructure, any downing of them on a large scale could see people’s ability to not only visit certain sites disappear, but could also affect email accounts.

Related: Logjam HTTPS exploit downgrades security to get at your data

Fortunately for those only just now discovering the problem, there is a simple fix. A patch was recently released that corrects the issue (available via Ars) and is currently the only method available to shore up a server’s defenses.

There is a method to discover if your server has been affected by the bug. To do so, check your logs for any mentions of “ANY TKEY.” If that turns up, chances are the DNS has been affected.

In reality, searching the logs for any mention of a TKEY request isn’t a bad plan, since they are not a common occurrence and are likely to indicate the exploitation of the security loop hole.

Keeping software up to date is always the best practice for protecting systems, but it’s not always easy with the way these flaws pop up.

Editors’ Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more