NASA
untitled
Monterey Bay Aquarium

if i look back, i am lost
Mike Driver

@theartofmadeline

No title available
almost home
I'd rather be in outer space 🛸
trying on a metaphor

pixel skylines

No title available
🩵 avery cochrane 🩵
cherry valley forever

Kiana Khansmith
let's talk about Bridgerton tea, my ask is open
"I'm Dorothy Gale from Kansas"

Andulka
art blog(derogatory)
wallacepolsom
seen from Ukraine
seen from United States

seen from Germany
seen from United States
seen from Bangladesh

seen from Chile

seen from France
seen from United States
seen from Brazil

seen from Malaysia

seen from United States

seen from Malaysia

seen from Malaysia
seen from Italy
seen from Mexico

seen from Chile
seen from Singapore

seen from Malaysia
seen from Vietnam

seen from T1
@technologywhis
This infographic is a solid overview of common DNS attacks 🔐🌐—but a few entries are simplified or placed in slightly odd categories.
1. Cache manipulation and misdirection
These attacks aim to make users reach the wrong destination, even though they typed the correct website address.
* DNS cache poisoning/spoofing: False DNS information is inserted into a resolver’s cache. For example, bank.com could temporarily resolve to an attacker-controlled IP address.
* DNS hijacking: The attacker changes DNS settings at the domain registrar, router, endpoint, DNS provider, or ISP level. This is broader than cache poisoning because the legitimate DNS configuration itself may be altered.
* DNS rebinding: A malicious domain initially resolves normally, then later resolves to a private/internal IP address, such as 192.168.1.1. This may allow malicious JavaScript to communicate with routers, cameras, or internal applications.
* Typosquatting: An attacker registers a look-alike domain such as micros0ft.com or goggle.com.
Small correction: Typosquatting is definitely DNS-related, but it is not technically cache manipulation. It is primarily a domain registration and social-engineering attack.
⸻
2. Denial-of-service attacks
These attacks target availability, attempting to overwhelm DNS infrastructure so legitimate users cannot resolve domain names.
Amplification and reflection
The attacker sends a small DNS request while spoofing the victim’s IP address. DNS servers then send much larger responses to the victim.
That gives the attacker two advantages:
* Reflection: The traffic appears to come from legitimate DNS servers.
* Amplification: A relatively small request produces a much larger response.
DNS flooding
A DNS server receives more requests than it can process, exhausting:
* CPU
* Memory
* Bandwidth
* Connection or query-processing capacity
Random subdomain/NXDOMAIN attack
The attacker requests thousands or millions of nonexistent names, such as:
⸻
The big frameworks shown
STRIDE
Best for system design analysis.
It looks at six threat categories:
**S**poofing — pretending to be someone else
**T**ampering — changing data or files
**R**epudiation — denying an action happened
**I**nformation disclosure — leaking sensitive info
**D**enial of service — making systems unavailable
**E**levation of privilege — gaining higher access
STRIDE is one of the best ones to learn first. It maps nicely to Security+ and real-world app security.
⸻
DREAD
Used to score risk:
Damage
Reproducibility
Exploitability
Affected users
Discoverability
Basically: how bad is it and how easy is it to exploit?
Small warning though: DREAD can be subjective, so teams often use it carefully or combine it with other risk scoring methods.
⸻
PASTA
Process for Attack Simulation and Threat Analysis.
This one is more business-focused. It asks:
“How do real attackers behave, and how does that impact the business?”
Good for enterprise environments, risk teams, and serious security planning.
⸻
VAST
Visual, Agile, and Simple Threat modeling.
This is built for modern DevOps/agile teams where software changes fast.
Think: security built into the development pipeline.
⸻
Attack Trees
These are visual maps showing how an attacker could reach a goal.
Example goal:
Steal customer data.
Possible paths:
Phishing employee → steal password → bypass weak MFA → access database
or
Exploit web app bug → dump database → exfiltrate data
Attack trees are awesome because they make attacks feel like a flowchart.
⸻
Mac example 🍎💻
For a MacBook threat model:
Asset: your MacBook, Apple ID, passwords, files, external SSD
Threats: phishing, malware, stolen laptop, weak passwords, malicious browser extensions
Risk priority: Apple ID compromise is high impact
Controls: MFA, FileVault, strong passwords, YubiKey, software updates, backups, limited admin use
That is threat modeling in real life.
⸻
The best line on the image
“Think like an attacker. Defend like a pro.” 🔥
That is exactly the mindset:
You are not being paranoid — you are being prepared.
That is how SOC analysts, incident responders, security architects, and digital forensics people think.
Some people want the corner office. Others want the command line.”