seralys – PossibleThreat Articles

MasterCard DNS Error Went Unnoticed for Years

January 22, 2025 0 Comments A Little Sunshine, akam.ne, akam.net, Akamai, awsdns-06.ne, az.mastercard.com, Azure, bugcrowd, CloudFlare, Google, how to break into security, mastercard, philippe caturegli, seralys

Credit to Author: BrianKrebs| Date: Wed, 22 Jan 2025 15:24:41 +0000

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

Independent Krebs Security

Local Networks Go Global When Domain Names Collide

August 23, 2024 0 Comments A Little Sunshine, active directory, andorra, dns name devolution, Latest Warnings, memphis real-time crime center, memrtcc.ad, mike barlow, mike o'connor, namespace collision, philippe caturegli, seralys, The Coming Storm, Web Fraud 2.0, web proxy auto-discovery protocol, wpad.ad, wpad.dk

Credit to Author: BrianKrebs| Date: Fri, 23 Aug 2024 14:12:31 +0000

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem.