DHS orders DNS security for federal agencies
  • January 23, 2019 by RenditionSec
  • DNS, MFA

DHS has ordered that federal agencies must update the security of their DNS, all while the government shutdown continues.

The move is in response to reports from FireEye and Talos that attackers have been compromising DNS and using that access to issue fraudulent TLS certificates.

During incident response engagements with Rendition Infosec customers, we have seen cases of DNS tampering. In most cases these attacks were used to host exploit kits and spam landing pages. Use by APT groups to facilitate man in the middle access or outright intellectual property theft would certainly be more concerning.

Jake Williams, Rendition Infosec founder, recorded this video to explain the significance of the order. The implications are the same whether you work in government or not. Honestly, you probably have more security concerns with DNS if you use a commercial registrar.

Of course, if you have more questions about cybersecurity monitoring or incident response, don’t hesitate to contact Rendition Infosec.

Your cart

This will be copy area - something to the effect of estimated ship time if applicable


Rendition's advanced courses contain the latest in information security knowledge. Please contact us for more information.

This page has proprietary information in it, please contact us for more information.