Speaker
Description
While lame delegation may be a warning in the DNS operators world, we discovered this past summer that it is a goldmine in the cybercrime operators world. In many DNS service providers, the malicious actor can claim the forgotten domain, leaving less fingerprint than a traditional dangling CNAME hijack. If there were concerns in the DNS community of this hijacking vector, it wasn't heard over in the security community, even after high profile attacks in 2019. Russian threat actors operate with impunity on free accounts, their delivery of malware and phishing going undetected over the last four years. This talk will detail several of the actors using this method to support their criminal activities and invite discussion about how to minimize this attack vector in the future.
Talk duration | 10 Minutes (+5 for Q&A) |
---|