Chicago IT Support & Cyber Security | Forward Technologies

Chicago-based Forward Technologies delivers IT support and cyber security to businesses in the Chicago area and nationwide.

12 Rogue Certificates for Cloudflare’s DNS Raise Global Security Alarm

September 6, 2025 by Edward Silha

[Image: Cartoon-style illustration of a giant padlock labeled “1.1.1.1 DNS” with broken certificate chains, symbolizing compromised trust]

On Wednesday, researchers uncovered three improperly issued TLS certificates for Cloudflare’s 1.1.1.1 DNS service, an encrypted DNS lookup service used by millions. The concern was clear: anyone with those credentials could impersonate Cloudflare’s resolver, decrypt user traffic, or redirect queries to malicious sites.

Further investigation revealed the breach was worse than initially thought. Cloudflare confirmed that Fina CA, a Microsoft-trusted certificate authority, had in fact issued a total of twelve unauthorized certificates for 1.1.1.1 since February 2024. [Read more…]

Filed Under: Blog, Cybersecurity, Tech In General Tagged With: 1.1.1.1, CA accountability, certificate authority, certificate mis-issuance, Certificate Transparency, Cloudflare, DNS over HTTPS, DNS over TLS, DNS security, encryption, Fina CA, internet trust, Microsoft root store, Microsoft trust, PKI, TLS certificates, TLS mis-issuance, web security

Hackers Hide Malware in DNS Records to Evade Detection

July 16, 2025 by Edward Silha

[Image: An endpoint computer receiving a DNS response, which reassembles into a malicious script, shown as puzzle pieces forming a bug icon at the user’s terminal]

A new cybersecurity threat is emerging as attackers use DNS records, part of the very system that directs internet traffic, to hide malware. Instead of relying on email attachments or suspicious downloads, bad actors are embedding malicious payloads into DNS TXT records. This method sneaks malicious code past traditional defenses because security tools often ignore DNS traffic.

DNS, or Domain Name System, acts like the internet’s phonebook, translating domain names into IP addresses. It is so fundamental and routine that most security systems allow it without scrutiny. That makes it a perfect hiding place. According to researchers at Infoblox, attackers are disguising shellcode (malicious binary instructions) inside base64-encoded TXT records. These look like harmless text but are reassembled and executed by compromised devices once fetched. [Read more…]

Filed Under: Blog, Cybersecurity Tagged With: Cobalt Strike, cybersecurity, cybersecurity threats, data exfiltration, DNS blind spot, DNS malware, DNS security, DNS tunneling, DNS TXT records, DNS-based attacks, DomainTools, Infoblox, TXT records, zero trust

Forward Technologies
747 N LaSalle
STE 500B
Chicago, IL 60654
(312) 715-7806

Copyright © 2025 Forward Technologies. All rights reserved.