Researchers have uncovered a vulnerability in the Domain Name System that could enable attackers to keep a malicious domain accessible online after deletion.
"A paper jointly authored by researchers in China, the United States and Spain found that a flaw in DNS allows deleted domains to persist in the cache of certain DNS servers -- potentially forever," writes Threatpost's Paul Roberts.
"The paper, 'Ghost Domain Names: Revoked Yet Still Resolvable,' [PDF file] was published on the Web site of ISC, the Internet Systems Consortium," Roberts writes. "In it, researchers from Tsinghua University in China, The Universities of Georgia and Oregon in the U.S.A. and Carlos III University in Madrid, Spain, discuss a vulnerability in a common feature of DNS servers known as DNS cache update that prevents the revocation of malicious domains."
Go to "Researchers Warn Of 'Ghost Domain' Flaw in DNS" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.