Saturday , June 20 2026
CISA

CISA Published Encrypted DNS Implementation Guidance

infosecbulletin Saturday , May 18 2024 International

CISA published a guide on using Encrypted Domain Name System (DNS) for federal civilian agencies to improve cybersecurity and meet OMB Memorandum M-22-09 requirements.

Traditionally, the DNS protocol didn’t have ways to make sure requests and responses were confidential, secure, or authentic. However, the M-22-09 guideline requires agencies to encrypt DNS traffic and use CISA’s Protective DNS capability for egress DNS resolution. This guide will help agencies implement technical capabilities for their networks, DNS infrastructure, on-premises endpoints, cloud deployments, and mobile devices.

CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) asked Fortinet users with FortiGate devices on Thursday to act to protect...
Read More
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

CISA: Splunk flaw under active exploit, patch by Sunday

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked federal agencies to protect their systems by Sunday from a...
Read More
CISA: Splunk flaw under active exploit, patch by Sunday

Texas data breach exposes 3 million driver’s licenses

By infosecbulletin / Saturday , June 20 2026
The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private...
Read More
Texas data breach exposes 3 million driver’s licenses

Critical Cisco ISE Vulnerability Enables Remote Code Execution

By infosecbulletin / Friday , June 19 2026
Cisco has revealed critical security flaws in its Identity Services Engine (ISE). These flaws could let attackers run harmful code...
Read More
Critical Cisco ISE Vulnerability Enables Remote Code Execution

F5 Patches NGINX Flaw for Code Execution and DoS Attacks

By infosecbulletin / Thursday , June 18 2026
F5 has shared a security warning about serious flaws in NGINX. These issues could let attackers run any code and...
Read More
F5 Patches NGINX Flaw for Code Execution and DoS Attacks

FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

By infosecbulletin / Wednesday , June 17 2026
A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet firewall URLs in 194 countries....
Read More
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

New Rokarolla Android malware hits 217 banking and crypto apps

By infosecbulletin / Wednesday , June 17 2026
A new Android banking trojan called Rokarolla is hitting 217 banking and cryptocurrency apps with a wide range of 137...
Read More
New Rokarolla Android malware hits 217 banking and crypto apps

Phishing Campaign Exploits Legitimate Microsoft Login Flow

By infosecbulletin / Tuesday , June 16 2026
Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft...
Read More
Phishing Campaign Exploits Legitimate Microsoft Login Flow

ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

By infosecbulletin / Tuesday , June 16 2026
Cisco on Monday told customers about a new SD-WAN product flaw used in attacks. The flaw, called CVE-2026-20262, is a...
Read More
ALERT Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

“Panthalassa” builds floating AI data centers powered by ocean waves

By infosecbulletin / Tuesday , June 16 2026
Every American data center story these days follows almost the same pattern. Someone has the chips, someone has the cash,...
Read More
“Panthalassa” builds floating AI data centers powered by ocean waves

“As the operational lead for federal cybersecurity, CISA developed this guide to assist federal agencies with understanding and implementing key actions and protocols to begin encrypting DNS traffic,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “This guide will help agencies progress further in their zero trust security journey. CISA continues our efforts and collaboration with agencies to modernize federal agency cybersecurity successfully and securely.”

This document provides resources to help agency personnel understand the requirements and engage in the transition work. It includes a high-level implementation checklist, recommendations for phased implementation, and technical guidance. Implementing encrypted DNS will align civilian agencies’ security architecture with zero trust principles.

This guide is for federal agencies, but all organizations are encouraged to use it as a benchmark for applying zero trust efforts.

 

Check Also

PeopleSoft

ShinyHunters claim stolen data from 100+ org via oracle PeopleSoft servers

Oracle PeopleSoft servers are under attack in ongoing data theft by the ShinyHunters gang, which …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin