‘Sitting Ducks’ Attacks Create Hijacking Threat for Domain Name Owners

August 1, 2024 at 05:28PM Russian cybercriminals are exploiting weaknesses in the Domain Name System (DNS) with the “Sitting Ducks” attack, allowing them to gain unauthorized access to domains for malicious activities like malware delivery and data exfiltration. Researchers estimate over 1 million vulnerable domains daily, emphasizing the need for domain owners to evaluate and …

Sitting Ducks DNS attacks let hackers hijack over 35,000 domains

August 1, 2024 at 01:14PM Threat actors have hijacked over 35,000 registered domains in Sitting Ducks attacks, enabling them to claim a domain without accessing the owner’s account at the DNS provider or registrar. Based on the meeting notes, it seems that threat actors have carried out attacks, known as Sitting Ducks attacks, by hijacking …

Hackers Exploit Flaw in Squarespace Migration to Hijack Domains

July 16, 2024 at 08:01AM Cyber attackers exploited a flaw in Squarespace’s domain migration, compromising crypto platforms’ DNS records and redirecting visitors to potentially malicious pages. Attackers potentially gained access to Google Workspace, elevating their privileges and controlling billions of dollars of assets. Affected platforms have regained control, and Squarespace has tightened security measures. Users are …

Infoseccers claim Squarespace migration linked to DNS hijackings at Web3 firms

July 15, 2024 at 09:47AM Security researchers claim a series of DNS hijackings at web3 businesses are linked to Squarespace’s acquisition of Google Domains. The issue arose from Squarespace’s migration method, which allowed cybercriminals to guess admin email addresses and register them. The attacks aimed to change DNS records, rerouting visitors to phishing sites. Firms impacted include Compound …

DPRK’s Kimsuky APT Abuses Weak DMARC Policies, Feds Warn

May 2, 2024 at 05:06PM North Korean hackers use weak DMARC configurations to impersonate organizations in phishing attacks against individuals targeted by the Kim Jong Un regime. The FBI and NSA warn about APT Kimsuky’s exploitation of this vulnerability, which poses significant risks. Proper DMARC, SPF, and DKIM configuration is crucial for preventing such cyber threats. Based …

Registrars can now block all domains that resemble brand names

February 28, 2024 at 05:49AM Registrars like GoDaddy and 101domain offer the GlobalBlock solution to reserve domain space and protect trademarks by preventing registration of similar and misspelled domains. This includes homograph attacks using visually similar characters. However, concerns arise regarding potential limitations on free speech and domain hoarding. Prices start at $5,999 annually at …

Combination of cheap .cloud domains and fake Shark Tank news fuel unhealthy wellness scams

January 17, 2024 at 01:34AM Netcraft discovered that scammers are exploiting cheap domain names to promote fake health products through deceptive news campaigns, mimicking popular news outlets and falsely claiming endorsements from TV shows like Shark Tank and Dragons’ Den. The proliferation of new global top-level domain names, such as .sbs and .cloud, at low …