Vulnerabilities / Threats
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Cloud security researchers from Wiz.io were poking around at Amazon Web Services' Route53 Domain Name Service (DNS) earlier this year when they suddenly realized that its self-service domain registration system let them set up a new hosted zone with the same name as the real AWS name server it was using. Within seconds, they watched in shock as their phony name server got flooded with DNS queries from other AWS customers' networks: external and internal IP addresses, computer names for finance, human resources, production servers, and organization names.
All told, they got traffic from more than 15,000 different AWS customers and a million endpoint devices, all after registering a phony AWS name server as ns-852.awsdns-42.net, the same name as an actual AWS name server.
