CyberSecurityBoard
Sponsor Register Login

BIND 9 Vulnerabilities Expose Organizations to Cache Poisoning and DoS Attacks

For CVE-2025-40776, organizations should upgrade to BIND 9.18.38-S1 or 9.20.11-S1, or disable ECS by removing the ecs-zones option from named.conf. CVE-2025-40777 requires upgrading to BIND 9.20.11 or 9.21.10, with temporary workarounds including setting stale-answer-client-timeout off or stale-answer-enable no in configuration files. The vulnerabilities, identified as CVE-2025-40776 and CVE-2025-40777, pose significant security risks to DNS infrastructure, particularly for resolvers configured with specific advanced features. These vulnerabilities highlight the critical importance of maintaining updated DNS infrastructure, as both cache poisoning and denial-of-service attacks can severely compromise organizational security posture and service availability. Two critical vulnerabilities in the BIND 9 DNS resolver software are affecting organizations worldwide, with potential cache poisoning and denial-of-service attacks. CVE-2025-40776 (cache poisoning) and CVE-2025-40777 (denial-of-service) affecting BIND 9 resolvers.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 18 Jul 2025 08:10:12 +0000


Cyber News related to BIND 9 Vulnerabilities Expose Organizations to Cache Poisoning and DoS Attacks

What is SEO Poisoning Attack? - Search engine optimization (SEO) poisoning is a type of cyber attack that infiltrates search results. It consists of malicious search engine results created by an attacker attempting to redirect someone to malicious or vulnerable webpages. It is a ...
2 years ago Heimdalsecurity.com
BIND 9 Vulnerabilities Expose Organizations to Cache Poisoning and DoS Attacks - For CVE-2025-40776, organizations should upgrade to BIND 9.18.38-S1 or 9.20.11-S1, or disable ECS by removing the ecs-zones option from named.conf. CVE-2025-40777 requires upgrading to BIND 9.20.11 or 9.21.10, with temporary workarounds including ...
4 months ago Cybersecuritynews.com CVE-2025-40776
CVE-2021-25216 - In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, ...
3 years ago
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
How Purge Cache Keeps Your Website Content Fresh and Responsive - By bringing content closer to each visitor, CDNs improve performance and reduce load on the origin server - caching is the raison d'etre for CDNs. The reason for this is a CDN's effectiveness can be measured by the cache hit ratio, which is the ...
1 year ago Imperva.com
Data Poisoning: The Next Evolution of Ransomware That No One is Ready For - Wouldn’t it be reassuring to know that even in a world where digital deception is on the rise, your business had an extra layer of protection? While no single tool can completely eliminate cyber threats, integrating verification measures like these ...
7 months ago Cybersecuritynews.com
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
1 year ago Esecurityplanet.com
Bind For Cleaning Blood And Bullet Marks In Counter-Strike 2 - One of the most needed functions in the CS console has always been a command that allows you to instantly remove all traces of blood and bullet marks on the walls. This bind is useful not only for aesthetic reasons - traces of blood have been proven ...
1 year ago Hackread.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
1 year ago Blog.checkpoint.com
ISC fixed high-severity flaws in DNS software suite BIND - The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service. BIND is a suite of software for interacting with the Domain Name System maintained by the Internet Systems Consortium. The ISC released ...
2 years ago Securityaffairs.com CVE-2022-3094 CVE-2022-3736 CVE-2022-3924
CVE-2025-38066 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
CVE-2021-41589 - In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. This configuration allows anonymous ...
4 years ago
Warfare and Geopolitics are Fuelling Denial-of-Service Attacks - The analysis is based on 310 verified Denial-of-Service incidents during the reporting period of January 2022 to August 2023. A large-scale study is also included of publicly reported incidents. The study focuses on the motivations of attackers, ...
1 year ago Enisa.europa.eu
Google Chrome's new cache change could boost performance - Google is introducing a significant change to Chrome's Back/Forward Cache behavior, allowing web pages to be stored in the cache, even if a webmaster specifies not to store a page in the browser's cache. "Bfcache is an in-memory cache that stores a ...
2 years ago Bleepingcomputer.com
CVE-2025-38344 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago
CVE-2023-30853 - Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration ...
2 years ago
CVE-2020-8625 - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered ...
3 years ago
CVE-2024-50278 - In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache ...
1 year ago Tenable.com
How Healthcare Organizations can use ASPM to Fill CSPM Coverage Gaps and Save Money - In recent years, healthcare organizations have increasingly moved their healthcare information systems applications and infrastructure to the cloud to take advantage of its scalability, flexibility and cost-effectiveness. To mitigate these risks, ...
1 year ago Securityboulevard.com
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
2 years ago Bleepingcomputer.com
10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
4 months ago Cybersecuritynews.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
5 months ago Cybersecuritynews.com
Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads - Organizations using Ray, the open source framework for scaling artificial intelligence and machine learning workloads, are exposed to attacks via a trio of as yet unpatched vulnerabilities in the technology, researchers said this week. Potentially ...
2 years ago Darkreading.com CVE-2023-48023 CVE-2023-48022 CVE-2023-6021
SEO Poisoning Targets China - SEO poisoning attacks have been increasingly targeting users in China, leveraging search engine optimization techniques to direct victims to malicious websites. These attacks manipulate search engine results to promote harmful content, often leading ...
2 months ago Infosecurity-magazine.com
Cybersecurity Weekly Recap: Latest on Attacks, Vulnerabilities, & Data Breaches - A critical SSRF vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to impersonate users and access sensitive data. Ivanti patched a critical command injection vulnerability in its Cloud Services Appliance (CSA), ...
9 months ago Cybersecuritynews.com CVE-2025-0108 CVE-2024-53704 CVE-2024-52875 CVE-2023-20198 CVE-2023-20273 Winnti Group

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)