Posted on

Spammers hijack Microsoft subdomains to advertise poker casinos

In an interview with ZDNet, Gaschet said that during the past three years, he’s been reporting subdomains with misconfigured DNS records to Microsoft, but the company has either been ignoring reports or silently securing some subdomains, but not all.

Researcher: Only 5%-10% got fixed
Gaschet says he reported 21 msn.com subdomains that were vulnerable to hijacks to Microsoft in 2017, and then another 142 misconfigured microsoft.com subdomains in 2019.

“The root cause/mistake is a forgotten DNS entry pointing to something that doesn’t exist anymore, or never existed, like a typo in the DNS entry content,” Gaschet told ZDNet.

Subdomain hijacks lead to spam on microsoft.com
But until now, these misconfigurations have never caused Microsoft any problems or headaches, despite being an attractive attack surface.

In a hypothetical scenario, an attacker could hijack one of these subdomains and host phishing pages to harvest login credentials for Microsoft employees, business partners or even its end-users.

The scenario is not something that has not been seen before.

Luckily, no dangerous threat groups have noticed this problem.

Sadly, others have.

Today, Gaschet pointed out on Twitter that at least one spam group has figured out they could hijack Microsoft’s subdomains and boost their spammy content by hosting it on a reputable domain.

Gaschet says he spotted ads for Indonesian poker casinos on at least four legitimate Microsoft subdomains. These include portal.ds.microsoft.com, perfect10.microsoft.com, ies.global.microsoft.com, and blog-ambassadors.microsoft.com.

Learn more

Posted on

How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks

Whether it is Network Security, behavioral analytics, vulnerability management or phishing detection, AI and machine learning tools are indispensable while dealing with cyber security.

Source: Entrepreneur | Remesh Ramachandran | CISO | Security Researcher | Ethical hacker

The world is going digital at an unprecedentedly fast pace, and the change is only going to go even faster. The digitalization means everything is moving at lightning speed for business, entertainment, trends, new products, etc. The consumer gets what he or she wants instantly because the service provider has the means to deliver it. 

While the conveniences and benefits of this digital era are many, it also brings with it several negatives. One of the most significant and destructive threats it poses is that our private information is at risk like never before.

 

Posted on

Flipboard Database Hacked

Flipboard Database Hacked — 100 Million Users’ Account Information Exposed – The hackers potentially downloaded data(base) containing Flipboard users’ real name, usernames, cryptographically (salted hash) protected passwords and email addresses, including digital tokens for users who linked their Flipboard account to a third-party social media service.

Source: The Hacker News