This chapter serves as an introduction to the threats and vulnerabilities for the domain name system (DNS) infrastructure. These threats span those to which all network components are vulnerable, to those specific to the DNS protocol and server implementations, to broader network vulnerabilities thanks to the ubiquitous availability of DNS services. The chapter builds on the foundation of DNS architecture to define a trust model which is helpful for scoping the potential sources of vulnerabilities, and briefly introduces each vulnerability with an example attack vector. The chapter also examines design DNS risks, then malicious attacks on DNS infrastructure consisting of DNS servers within the organization's control and those on the Internet used within the process of name resolution. It further discusses more broadly targeted network attacks that leverage the DNS. A comprehensive defense in depth DNS security strategy is necessary to defend against them collectively.