Description
Every day, over 345 billion emails are sent around the globe, each triggering a number of DNS lookups to determine its destination and validity. It goes without saying that the security of DNS records, specifically TXT records, is vital. However, the phenomenon of dangling DNS, where CNAME records point to domains that no longer exist, presents a systemic vulnerability with significant implications.
In this talk, we shine a light on dangling DNS and how malicious actors can exploit orphaned DNS records to launch fraudulent email campaigns, effectively bypassing DNS security measures.
In this session, we will share:
- Why this matters: a technical deep dive into the exploitation of dangling DNS records (specifically TXT records) to edit the SPF include mechanism and send malicious emails.
- Case studies based on our investigations, including the tools and queries used to uncover this vulnerability, demonstrating the scale of this issue.
- Our recommendations to DNS service operators and the industry at large on coming together in a collaborative effort to proactively identify and notify customers at risk, as well as promote best practices for DNS security.
This is not an isolated issue. It is a pervasive problem that demands a collective effort. In this talk we will raise awareness and propose actionable steps to address this systemic challenge.
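For domain owners, the check implied by the abstract is to walk their own SPF record and flag every `include:` or `redirect=` target that no longer resolves or no longer publishes SPF. The sketch below is an added example, not the speakers' tooling or queries; the `.test` domains, the TXT data and the `lookup_txt` stand-in resolver are constructed assumptions so that it runs offline.

```python
# Added example: audit SPF include/redirect targets for dangling references.
# Constructed sample data: domain -> TXT strings. A missing key models NXDOMAIN.
SAMPLE_TXT = {
    "example.test": ["v=spf1 ip4:192.0.2.10 include:_spf.mailer.test "
                     "include:old-vendor.test -all"],
    "_spf.mailer.test": ["v=spf1 ip4:198.51.100.0/24 include:relay.gone.test ~all"],
    "shop.test": ["v=spf1 redirect=parked.test"],
    "parked.test": ["site-verification=constructed-value"],
}

def lookup_txt(domain, table=SAMPLE_TXT):
    """Stand-in resolver (assumption): TXT strings, or None for NXDOMAIN."""
    return table.get(domain.lower().rstrip("."))

def spf_record(txt_strings):
    """Return the SPF record among a domain's TXT strings, or None."""
    for txt in txt_strings or []:
        if txt.lower().split(" ", 1)[0] == "v=spf1":
            return txt
    return None

def spf_targets(record):
    """Yield domains named by include: mechanisms and redirect= modifiers."""
    for term in record.split()[1:]:
        term = term.lstrip("+-~?")
        for prefix in ("include:", "redirect="):
            if term.lower().startswith(prefix) and "%" not in term:
                yield term[len(prefix):]  # macro targets (%{...}) are skipped

def audit(domain, resolve=lookup_txt):
    """Walk the SPF chain; return (parent, target, reason) per dangling target."""
    findings, seen, queue = [], {domain.lower()}, [domain]
    while queue:
        parent = queue.pop(0)
        record = spf_record(resolve(parent))
        if record is None:
            continue
        for target in spf_targets(record):
            txt = resolve(target)
            if txt is None:
                findings.append((parent, target, "NXDOMAIN"))
            elif spf_record(txt) is None:
                findings.append((parent, target, "no SPF record"))
            elif target.lower() not in seen:  # follow nested includes once
                seen.add(target.lower())
                queue.append(target)
    return findings
```

Passing a `resolve` function backed by a real DNS client turns this into a live audit; each finding names the record that should have the stale reference removed.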
Talk duration: 20 Minutes (+5 for Q&A)