Universal Plug and Play networking protocols can be exploited to bypass DDoS mitigations.

A domain name system server implementation is at risk of remote code execution, information exposure and denial-of-service attacks after a seven vulnerability were disclosed by Google and patched by the maintainers of Dnsmasq.

The Internet Systems Consortium patched the BIND domain name system this week, addressing what it calls a critical error condition in the software.

An unusual DDoS amplification attack was carried out 10 days ago against many of the Internet’s 13 root name servers, the authoritative servers used to resolve IP addresses. The attacks happened on Nov. 30 and again on Dec. 1, and each time, massive volumes of traffic, peaking at five million queries per second, were fired...