DNS records (part 3) – The final pluck

In the final (?) part of our investigation into abandoned DNS records and the risk that they present to organisations, we’ll review ‘elastic’ IP addresses as supported by the various cloud providers including AWS, Azure and Google Cloud. For the most part (because we’re most familiar with it) we will be using AWS as our […]

Still dangling! (DNS records – part 2)

In our previous post, we examined the risks of leaving ‘dangling’ CNAME records pointing to DNS zones which are not under the domain-owner’s sole control. The consequences include increased risk of successful phishing attacks as well as reputational damage. The examples given in that post focused on Azure ‘App Services’ as those services are vulnerable […]

DNS records – abandon at your peril

Recently, there has been some interesting news describing how attackers have been able to take over various subdomains by taking advantage of abandoned DNS records. To recap, this is a security mis-configuration issue: A victim organisation sets up (perhaps in a testing scenario) a service on a public cloud provider such as Azure. The organisation […]

Scareware v1 – Just silly… probably

Along with lots of other people on the Internet, you’ve probably received an unsolicited email, not only threatening you but claiming to have stolen your password and hacked your webcam. The emails generally go along the following lines: While poorly worded, the email can certainly appear alarming and indications are that perhaps the attacker […]