1 views collected around this technical thread.
Tencent Cloud DNSPod uncovered a massive May‑2024 campaign that hijacked home routers by altering their DNS settings to malicious IPs—using default credentials and firmware flaws—to redirect users to phishing or illegal sites, urging owners to check router DNS, reset devices, and change passwords.
This article provides a comprehensive overview of essential information security technologies, covering network attacks such as SQL injection, XSS, CSRF, DDoS, DNS and TCP hijacking, system vulnerabilities like stack overflow and privilege escalation, and core cryptographic concepts including symmetric/asymmetric encryption, key exchange, hashing, encoding, and multi‑factor authentication.
The article presents eight authentic production incidents—including JVM Full GC, memory leaks, idempotency flaws, cache avalanches, disk‑I/O thread blocking, MySQL deadlocks, DNS hijacking, and bandwidth exhaustion—detailing their causes, diagnostics, and practical remediation steps for engineers.
The article explains what HTTP and DNS hijacking are, illustrates real‑world examples, analyzes root causes such as ad injection and ISP caching, describes the resulting harms, and presents practical anti‑hijack techniques including data validation, HttpDNS, and logging strategies.
The article explains what HTTP and DNS hijacking are, illustrates real‑world examples, analyzes their causes and harms, and presents practical anti‑hijacking techniques such as data validation, HttpDNS, operator cache handling, and logging systems.
This article explains the mechanisms of HTTP and DNS hijacking, illustrates real‑world examples, analyzes their causes and impacts on mobile applications, and presents practical anti‑hijacking techniques such as data validation, HttpDNS, ISP cache handling, illegal redirect blocking, and monitoring strategies.