Xuebing Du

JVL

bliss lane
taylor price

oozey mess
Misplaced Lens Cap
RMH
Mike Driver

noise dept.
wallacepolsom
Game of Thrones Daily

ellievsbear
d e v o n
$LAYYYTER
we're not kids anymore.
Jules of Nature
tumblr dot com
Sweet Seals For You, Always
seen from Guernsey
seen from France

seen from France

seen from Netherlands

seen from Malaysia
seen from United States

seen from Netherlands

seen from Germany

seen from Türkiye
seen from United States

seen from Malaysia
seen from United Kingdom

seen from Japan
seen from Netherlands

seen from Germany
seen from Türkiye
seen from Netherlands
seen from United Kingdom

seen from United States

seen from United States
@technologywhis

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
This infographic is a solid overview of common DNS attacks 🔐🌐—but a few entries are simplified or placed in slightly odd categories.
1. Cache manipulation and misdirection
These attacks aim to make users reach the wrong destination, even though they typed the correct website address.
* DNS cache poisoning/spoofing: False DNS information is inserted into a resolver’s cache. For example, bank.com could temporarily resolve to an attacker-controlled IP address.
* DNS hijacking: The attacker changes DNS settings at the domain registrar, router, endpoint, DNS provider, or ISP level. This is broader than cache poisoning because the legitimate DNS configuration itself may be altered.
* DNS rebinding: A malicious domain initially resolves normally, then later resolves to a private/internal IP address, such as 192.168.1.1. This may allow malicious JavaScript to communicate with routers, cameras, or internal applications.
* Typosquatting: An attacker registers a look-alike domain such as micros0ft.com or goggle.com.
Small correction: Typosquatting is definitely DNS-related, but it is not technically cache manipulation. It is primarily a domain registration and social-engineering attack.
⸻
2. Denial-of-service attacks
These attacks target availability, attempting to overwhelm DNS infrastructure so legitimate users cannot resolve domain names.
Amplification and reflection
The attacker sends a small DNS request while spoofing the victim’s IP address. DNS servers then send much larger responses to the victim.
That gives the attacker two advantages:
* Reflection: The traffic appears to come from legitimate DNS servers.
* Amplification: A relatively small request produces a much larger response.
DNS flooding
A DNS server receives more requests than it can process, exhausting:
* CPU
* Memory
* Bandwidth
* Connection or query-processing capacity
Random subdomain/NXDOMAIN attack
The attacker requests thousands or millions of nonexistent names, such as:

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
⸻
The big frameworks shown
STRIDE
Best for system design analysis.
It looks at six threat categories:
**S**poofing — pretending to be someone else
**T**ampering — changing data or files
**R**epudiation — denying an action happened
**I**nformation disclosure — leaking sensitive info
**D**enial of service — making systems unavailable
**E**levation of privilege — gaining higher access
STRIDE is one of the best ones to learn first. It maps nicely to Security+ and real-world app security.
⸻
DREAD
Used to score risk:
Damage
Reproducibility
Exploitability
Affected users
Discoverability
Basically: how bad is it and how easy is it to exploit?
Small warning though: DREAD can be subjective, so teams often use it carefully or combine it with other risk scoring methods.
⸻
PASTA
Process for Attack Simulation and Threat Analysis.
This one is more business-focused. It asks:
“How do real attackers behave, and how does that impact the business?”
Good for enterprise environments, risk teams, and serious security planning.
⸻
VAST
Visual, Agile, and Simple Threat modeling.
This is built for modern DevOps/agile teams where software changes fast.
Think: security built into the development pipeline.
⸻
Attack Trees
These are visual maps showing how an attacker could reach a goal.
Example goal:
Steal customer data.
Possible paths:
Phishing employee → steal password → bypass weak MFA → access database
or
Exploit web app bug → dump database → exfiltrate data
Attack trees are awesome because they make attacks feel like a flowchart.
⸻
Mac example 🍎💻
For a MacBook threat model:
Asset: your MacBook, Apple ID, passwords, files, external SSD
Threats: phishing, malware, stolen laptop, weak passwords, malicious browser extensions
Risk priority: Apple ID compromise is high impact
Controls: MFA, FileVault, strong passwords, YubiKey, software updates, backups, limited admin use
That is threat modeling in real life.
⸻
The best line on the image
“Think like an attacker. Defend like a pro.” 🔥
That is exactly the mindset:
You are not being paranoid — you are being prepared.
That is how SOC analysts, incident responders, security architects, and digital forensics people think.

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
Some people want the corner office. Others want the command line.”

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming