SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection
Oct 28, 2025
Explore the intriguing world of DNS as different characters are examined for transmission in hostnames. Unifi addresses a critical vulnerability in its Access product, posing a 10.0 risk. Discover the dangers of AI-enabled browsers, which increase security threats through unstructured data. A demonstration reveals how prompts can be injected into OpenAI's Atlas browser, risking data leakage. Dive into these compelling topics that highlight the evolving landscape of cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Reality Beats The RFC For DNS Hostnames
- DNS hostname character support differs between OS resolver libraries and recursive resolvers, altering what bytes can travel in covert channels.
- Cloudflare passes through almost any character while Windows' resolver is restrictive and Google normalizes letter case with an XOR scheme.
Choose Resolvers And Records Carefully
- If you plan DNS covert channels, prefer Cloudflare as your recursive resolver because it transmits characters without altering them.
- Use text records when possible to avoid hostname rules and transmit arbitrary characters safely.
Critical Unifi Access API Flaw
- A critical Unifi Access vulnerability allows unauthenticated full API access and scores a 10.0 severity.
- The impact likely includes bypassing door-lock controls and possible arbitrary code execution on the controller.