DHS Issues Emergency Directive on DNS Security

On January 22, 2019, the US-CERT released an emergency notice with regards to DNS Security. Details have been published that a .gov user account was fully compromised and that the attack could have been happening since 2017. Any personnel that manages a .gov domain has been mandated to provide DNS audit documents, enable two-factor authentication, change the password of any DNS Admin privileged account, and all within ten days. The applicability of this notice is not only .gov domains, as it stresses the importance and precaution that all domain managers should take when looking at DNS security. 

Relevant URL(s): https://www.darkreading.com/vulnerabilities-and-threats/dhs-issues-emergency-directive-on-dns-security/d/d-id/1333716