Recherche : [domain] - Cyberveille

Swiss tax authority forced to buy Bahamas domain name after URL typo https://techcrunch.com/2025/01/31/swiss-tax-authority-forced-to-buy-bahamas-domain-name-after-url-typo/

01/02/2025 10:45:59

What do you do if a web address you printed on a physical flyer contains a typo, and you send that flyer to more than 100,000 households? Well, if you're

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

11/09/2024 21:45:21

We recently performed research that started off "well-intentioned" (or as well-intentioned as we ever are) - to make vulnerabilities in WHOIS clients and how they parse responses from WHOIS servers exploitable in the real world (i.e. without needing to MITM etc).

As part of our research, we discovered that a few years ago the WHOIS server for the .MOBI TLD migrated from whois.dotmobiregistry.net to whois.nic.mobi – and the dotmobiregistry.net domain had been left to expire seemingly in December 2023.

ICANN approves use of .internal domain for your network https://www.theregister.com/2024/08/08/dot_internal_ratified/

09/08/2024 11:06:24

Vint Cerf revealed Google already uses the string, as do plenty of others

Don’t Let Your Domain Name Become a “Sitting Duck” https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/

03/08/2024 01:55:47

More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars,…

Mail in the middle – a tool to automate spear phishing campaigns https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/

03/03/2024 11:32:26

The idea is simple; take advantage of the typos that people make when they enter email addresses. If we positioned ourselves in between the sender of an email (be it a person or a system) and the legitimate recipient, we may be able to capture plenty of information about the business, including personally identifiable information, email verification processes, etc. This scenario is effectively a Person-in-the-Middle (PiTM), but for email communications.

How a tiny Pacific Island became the global capital of cybercrime https://www.technologyreview.com/2023/11/02/1082798/tiny-pacific-island-global-capital-cybercrime/

02/11/2023 18:49:09

Despite having a population of just 1,400, until recently, Tokelau’s .tk domain had more users than any other country. Here’s why.

File Archiver In The Browser https://mrd0x.com/file-archiver-in-the-browser/?no-cache=1

23/05/2023 22:05:36

This article explores a phishing technique that emulates a file archiver software in the browser while using a .zip domain.

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime https://unit42.paloaltonetworks.com/domain-shadowing/

22/09/2022 15:39:32

Domain shadowing is a special case of DNS hijacking where attackers stealthily create malicious subdomains under compromised domain names.

Nothing Has Changed: Website Retailers Selling Domains Meant for Illicit Goods and Services, Digital Citizens Alliance Investigation Finds https://www.prnewswire.com/news-releases/nothing-has-changed-website-retailers-selling-domains-meant-for-illicit-goods-and-services-digital-citizens-alliance-investigation-finds-301572036.html

22/06/2022 09:32:28

Domain names geared to offer illicit goods and services – from illegally purchased guns to opioids to Covid vaccine cards – remain easy to...

The Cybersecurity 202: Internet domain names are ripe for scam during coronavirus crisis https://www.washingtonpost.com/politics/2020/09/08/cybersecurity-202-internet-domain-names-are-ripe-scam-during-coronavirus-crisis/

22/06/2022 08:52:33

Companies including GoDaddy are making it easy for criminals to scoop up websites for dangerous coronavirus scams, researchers say.

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). https://github.com/Dec0ne/KrbRelayUp

27/04/2022 10:54:45

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Liens par page

Filtres