Researchers at Guardio Labs have discovered a massive email ad fraud campaign based on thousands of hijacked domains and subdomains. Threat actors are carrying out SPF-hijacking to bypass spam security by leveraging legitimate domains to send millions of emails for malvertising and click scams for at least 16 months.
Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking.
According to new research, cyber-attacks using DNS channels to steal data, DDoS victims, and deploy malware have grown in volume and cost throughout the pandemic.
Non-email sending (parked) domains can be used to generate spam email, but they’re easy to protect.
Global DNS downfall started by one engineer trying a quick fix The sound of rumbling rubber could be heard today as Salesforce threw an engineer responsible for a change that knocked it offline under a passing bus.
Management thinks that letting folks from WidgetCo log into widgetco.ourapp.com will really help make the sale. It seems harmless enough. But using a custom subdomain like this can open WidgetCo up to potential security issues.
Neustar, a global information services and technology company, has released a report from the Neustar International Security Council (NISC) which explores the rise in DNS security threats over the Christmas period.
If Cloudflare, AWS, or GoDaddy go down, around 40% of the Alexa Top 100,000 websites will also go down with DNS resolution problems.