Ongoing Hijack DNS Attack to be Found

Attackers use old vulnerabilities and they are targeted at unupdated consumer devices
05 April 2019   1308

Researchers at Bad Packets revealed a continuing wave of automated attacks from December aimed at changing DNS settings on home and office routers. In case of a successful attack on the device, DNS servers of attackers are registered, which return fake IP addresses for some domains, which leads to redirection to scam sites created for phishing and capturing authentication parameters.

The attack is aimed at hitting routers running non-updated firmware containing known vulnerabilities. For example, to attack D-Link devices, a vulnerability identified as early as 2015 is used, allowing you to change the DNS settings without passing authentication. To scan the network, hacked Google Cloud environments are used.

During the attack, D-Link routers (DSL-2640B, DSL-2740R, DSL-2780B and DSL-526B), ARG-W4 ADSL, DSLink (260E), Secutech and TOTOLINK are affected. The largest number of compromised systems falls on the D-Link DSL-2640B (14327 vulnerable devices) and TOTOLINK (2265 vulnerable devices) devices. After a successful attack on the device, one of the DNS servers controlled by the attackers is registered: 144.217.191.145, 66.70.173.48, 195.128.124.131 and 195.128.126.165.

Apache NetBeans 11.3 to be Rolled Out

The new version of popular Java IDE brings a log of changes and updates
05 March 2020   431

Organization The Apache Software Foundation introduced the Apache NetBeans 11.3 IDE. This is the fifth release prepared by the Apache Foundation after the transfer of NetBeans code by Oracle and the first release after the project was transferred from the incubator to the category of primary Apache projects. The release contains support for the Java SE, Java EE, PHP, JavaScript, and Groovy programming languages.

The expected integration of support for C / C ++ languages ​​from version 11.3 of the code base provided by Oracle has been postponed to the next release. It is noted that all the possibilities related to the development of projects in C and C ++ are ready, but the code is not yet integrated. Before built-in support, developers can install through the Plugin Manager modules for development in C / C ++, previously released for NetBeans IDE 8.2. In April 2020, it is planned to publish the release of Apache NetBeans 12, which will be accompanied as part of an extended support cycle (LTS).

Key NetBeans 11.3 innovations:

  • Added additional dark interface display modes - Dark Metal and Dark Nimbus.
  • A new FlatLaf theme has been proposed.
  • Improved support for high pixel density (HiDPI) screens and the simplified HeapView widget.
  • Added support for the Java SE 14 platform, scheduled for release March 17th.
  • Added support for pattern matching in the instanceof operator, which allows you to immediately define a local variable for accessing the checked value.
  • Added support for the launch mode in Java 11 for programs delivered in the form of a single source file
  • Added the ability to reverse the conversion of text blocks that appeared in the last issue, including multiline text data without the use of character escaping in them.
  • The code for developing applications based on Java EE is expanded with support for the JSF 2.3 specification, including auto-completion of constructs such as "f: websocket" and CDI artifact substitution
  • Improved Gradle build system support. Gradle Tooling API has been updated to version 6.0.
  • Added support for forced restart of projects.
  • For projects using the Maven build system, settings have been added to override the default JDK version.
  • TypeScript language support added to code editor
  • For projects on JavaScript, a connector has been established that provides a connection to Chrome;
  • For PHP, autocompletion of properties and methods without "$ this =>" is provided.
  • Work was done to get rid of warnings during compilation.
  • Updated Groovy 2.5.9, junit 5.5.2, and GraalVM 19.3.0 libraries.
  • Janitor adds a feature to identify and remove old and unused NetBeans directories.

Get more at the official website and the changelog.