AWS Security ChangesHomeSearch

AWS Route53 medium security documentation change

Service: Route53 · 2025-11-19 · Security-related medium

File: Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-settings.md

Summary

Added section explaining Dictionary DGA threats

Security assessment

The new Dictionary DGA documentation provides specific security guidance about a threat vector (malware using dictionary words for domain generation), enhancing awareness of DNS firewall protections.

Diff

diff --git a/Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-settings.md b/Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-settings.md
index 5ddc875e3..70ad17557 100644
--- a//Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-settings.md
+++ b//Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-settings.md
@@ -85,0 +86,4 @@ DNS tunneling is used by attackers to exfiltrate data from the client by using t
+  * Dictionary DGA
+
+Dictionary DGAs are used by attackers to generate domains using dictionary words to evade detection in malware command-and-control communications.
+