Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/briankrebs/statuses/113012273475184163">BrianKrebs (briankrebs@infosec.exchange)'s status on Saturday, 24-Aug-2024 04:11:23 JST</a><a href="https://infosec.exchange/@briankrebs" title="briankrebs@infosec.exchange"><img src="https://gnusocial.jp/avatar/21764-48-20231108132353.webp" width="48" height="48" alt="BrianKrebs" style="position: absolute; left: 0; top: 0;">BrianKrebs</a></section><article><p>New, by me: Local Networks Go Global When Domain Names Collide</p><p>The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem.</p><p>From the story: </p><p>"It looks like all of the police cars there have a laptop in the cars, and they're all attached to this memrtcc.ad domain that I now own," Caturegli said, noting wryly that "memrtcc" stands for "Memphis Real-Time Crime Center."</p><p>Caturegli said setting up an email server record for memrtcc.ad caused him to begin receiving automated messages from the police department's IT help desk, including trouble tickets regarding the city's Okta authentication system.</p><p><a href="https://krebsonsecurity.com/2024/08/local-networks-go-global-when-domain-names-collide/" rel="nofollow noreferrer">https://krebsonsecurity.com/2024/08/local-networks-go-global-when-domain-names-collide/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3560538#notice-6987162">In conversation</a><time datetime="2024-08-24T04:11:23+09:00" title="Saturday, 24-Aug-2024 04:11:23 JST">about 3 months ago</time> <span>from <span><a href="https://infosec.exchange/@briankrebs/113012273475184163" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@briankrebs/113012273475184163">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/3075978">A word cloud in the shape of a cloud, made up of different colored top-level domains, like .zone, .cloud, .center, .global and .ad.</a></label><br><a href="https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/012/269/913/214/232/original/da552c461a50b650.png" rel="external">https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/012/269/913/214/232/original/da552c461a50b650.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/3075979">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
BrianKrebs (briankrebs@infosec.exchange)'s status on Saturday, 24-Aug-2024 04:11:23 JST BrianKrebs
New, by me: Local Networks Go Global When Domain Names Collide
The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem.
From the story:
"It looks like all of the police cars there have a laptop in the cars, and they're all attached to this memrtcc.ad domain that I now own," Caturegli said, noting wryly that "memrtcc" stands for "Memphis Real-Time Crime Center."
Caturegli said setting up an email server record for memrtcc.ad caused him to begin receiving automated messages from the police department's IT help desk, including trouble tickets regarding the city's Okta authentication system.
https://krebsonsecurity.com/2024/08/local-networks-go-global-when-domain-names-collide/
In conversationabout 3 months ago from infosec.exchangepermalink
Attachments
1. A word cloud in the shape of a cloud, made up of different colored top-level domains, like .zone, .cloud, .center, .global and .ad.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/012/269/913/214/232/original/da552c461a50b650.png
2. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice