As if DNS isnt important enough for cyber defence, if you’re not careful it might lead to akl sorts if issues
Was it DNS? It’s always DNS. In this case, DNS (Domain Name System) is filled with sitting ducks (Ducks Now Sitting) for domain name hijacking. Multiple threat actors have been exploiting this attack vector which we are calling Sitting Ducks since at least 2019 to perform malware delivery, phishing, brand impersonation, and data exfiltration. As of the time of writing, numerous DNS providers enable this through weak or nonexistent verification of domain ownership for a given account. There are an estimated 1M exploitable domains and we have confirmed 30k+ hijacked domains since 2019. Researchers at Infoblox and Eclypsium, who discovered this issue, have been coordinating with law enforcement and national CERTs since discovery in June 2024.
While these circumstances may seem unusual, they are very common. Multiple threat actors are actively exploiting this attack vector and we expect the true extent of the issue to be much larger than currently known. Active exploitation has been validated with continued research uncovering expanding risk.
https://eclypsium.com/blog/ducks-now-sitting-dns-internet-infrastructure-insecurity
Live & Learn