Hundreds of Web Sites Fall Into the Hands of Hackers
Hundreds of Web Sites Fall Into the Hands of Hackers
Return to the list of client alerts
Apparently not every company knows where every web server and subdomain is or what they are being used for.
A researcher discovered more than 240 of these domains.
And the domains are not owned by the corner candy store.
In fact, they are owned by Chevron, 3M, the Red Cross, Warner Brothers, Volvo, media giant Clear Channel and others.
So what is the issue with these forgotten subdomains.
Squatters. Just like the type that squat in vacant houses. Sometimes they burn those houses down. This is the digital equivalent.
Except these squatters are serving up porn, illegal gambling, escort services and other charming things that most companies would not like their names associated with.
Microsoft issued some guidance for companies that are using Azure to host these subdomains so they are serving up porn to people.
When we do risk assessments we often see domains not pointing to active web servers. Likely some of those are at risk.
Either delete subdomains you are not using or point them to an active server so that they can not be hijacked.
AND, make sure that server is patched and locked down.
For more details see this article in The Register.