Domain & DNS Security Quarterly Update

New! Retail Sector DNS Security Benchmark Report

This report benchmarks the DNS security posture of 25 of the largest players in the US Retail Sector. It analyzes their (aggregated) domain portfolio assets and public (external) DNS attributes, pinpointing security exposures to malware, ransomware, and phishing. The audit confirms that organizations’ DNS security compliance requires urgent attention to mitigate the global rise in cyber threats targeting retail enterprises.

See the benchmark report here →

Healthcare DNS Security Survey Highlights

Insecure Redirects

39.5% of Redirects Fail Insecure Redirects pose high risk vulnerability to Man-In-The Middle (MITM) and/or session eavesdropping.

Dangling CNAMES

15.9% of CNAMES Fail Dangling CNAMES are vulnerable to take over and expose retailers to phishing attacks.

SPF Coverage Gaps

59.4% SPF Failures Most of the domains are either not covered by or have invalid SPF records, creating exposure to phishing attacks.

Enterprise Risk

These vulnerabilities and others identified in the 2024 DNS Security Benchmark Report can result in phishing, malware, ransomware, brand compromise, and hijacking that can have significant brand damage and costs. Secondly, failure to have full IT change controls and monitoring over critical DNS network risks non-compliance with InfoSec frameworks.

Best Practice Solution

All domains and DNS network configurations should be managed under a change control system, monitored by a network vulnerability audit system.

See the benchmark report here →

Domain and DNS Security News

New Sitting Ducks DNS Attack Puts Millions of Domains at Risk of Hijack Malicious actors are hijacking registered domains in what is being called Sitting Ducks attacks, which put millions of domains at risk of takeover. Learn more about the attacks and what domain owners can do to protect themselves. Read more →
Back to basics: Why DNS is still foundational even as technology evolves AI and other new technologies are rapidly expanding the cybercrime landscape, making a solid cybersecurity foundation more critical than ever. DNS is a vital aspect of this foundation. Read more →

Domain, DNS and TLS Security Resources

Healthcare Sector DNS Security White Paper An in-depth analysis of domain and DNS security issues unique to the healthcare sector. Get white paper →
Why your Enterprise is Exposed on the DNS A review of the DNS security issues affecting essentially all medium & large organizations. Read more →
M&A Guide to Acquire Domains & DNS The unique DNS security issues every M&A deal faces and how to prevent them. Download guide →