Let’s Encrypt exploited for fraudulent SSL certificates
A Security shortcoming in the mechanism used by Let’s Encrypt to validate web domain ownership create a loophole that allow cybercriminals to get digital certificates for domains more easily.
A team of researchers led by Haya Shulman, director of the Cybersecurity Analytics...
Portal Security: The Basics
Domain password security – the basicsHackers use basic hacks and social engineering techniques to obtain, or figure out, passwords that do not follow best practice configurations. It is crucial that you as a user are following best practice password management to...
Report: Domain Security and Enterprise Risk Management
Dave Piscitello, Dr. Colin Strutt, and Lyman Chapin of the Interisle Consulting Group released a report (click here) on 28 June 2021 looking at the adverse and costly consequences of domain abuse for enterprise brands. They explore how domain names can be incorporated into an...
Brand Protection: The Most Abused TLDs
Brand Protection: Most Abused TLDs
With the launch of various new TLDs over the last few years, it has become a near-impossible task for Brand owners to protect their brand across new TLDS. Brand owners are...
Don’t abandon your subdomain either
Subdomain Hijacking
In our last blog we wrote about the risks of culling or abandoning domain names, but what about subdomains? Arguably, abandoned subdomains pose as much a risk as culled domains. This article looks at the risks of not properly administering...