InfoSecBulletin Cybersecurity for mankind
Executive member of Asia Pacific Network Information Centre (APNIC) and One of key person of Internet initiative of japan (IIJ) Yoshinobu Matsuzaki said, “.bd has 4 nameservers. 3 of them, dns.bd, surma.btcl.net.bd and jamuna.btcl.net.bd are answering SERVFAIL to any .bd queries.
But they are answering some functional queries like id.server or hostname.bind. So I guess nameserver process is running, but falied to load bd zone information somehow. Remaining 1 nameserver, bd-ns.anycast.pch.net, is answering, but the SOA serial is 2023060867 which looks a bit old to me”.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
In summary it is possible that there is something going wrong with the zone generation and transfer to the nameservers, which, coupled with an outdated DNSSEC signature issue, may be causing the bd domain name issue.
He also added, various issues can occur anywhere. The biggest challenge is whether we can use this case as a lesson and improve our operations better in the future.
Sumon Ahmed Sabir, CTO, Fiber@home said, apparently DNSSEC key expired last night. That is causing the outage. DNSSEC keys need to be updated before it expires. Either it can be done manually or can be done automatically through appliance. The key role over didn’t happened timely and causing this severe outage.
Suman Saha, Admin, Bangladesh Network Operators Group (BDNOG) said his social handle that the ” DNSSEC key has expired that is the reason the issue raised since last night” and he advised to Use ‘dnssec-validation no; ‘ in bind configuration to resolve .bd domains for the time being.
Wednesday (03 April) from morning, the users of .bd facing problems while browsing their sites accross the country. later BTCL issued a press release stating that for technical glitch the problems occur and it will be ok shortly as BTCL engineers are working on it.
There are nearly 40,000 government and private sites registered under the .bd domain managed by Bangladesh Telecommunications Company Ltd (BTCL)
In 2020, there was another server glitch due to an error in dot gov dot bd (.gov.bd) domain servers after 4:30om on Thursday and it continued for several hours resulting The websites of all government ministries and organization’s were down.
