It is interesting how “productive” the folks in DC can be when they want to. But I ask what have you been doing for the last four years. Getting my whining out of the way, there is a lot of stuff happening in this last week of the outgoing administration. The Federal Trade Commission handed […]
Continue reading → [DISPLAY_ACURAX_ICONS]Want a .US Domain? Just Lie About It. The .US top level domains are a hotbed for phishing attacks. Apparently, this is due to lax oversight. In theory, the .US is managed by the US government, but the government outsources that to GoDaddy – who doesn’t have a stellar cybersecurity reputation to be polite. See […]
Continue reading → [DISPLAY_ACURAX_ICONS]I’ve never been a fan of GoDaddy for a variety of reasons, but now I have a major reason not to like them. In 2020 GoDaddy alerted 28,000 customers that an attacker used their credentials in 2019 to abuse their hosting accounts. That is over 3 years ago and that was the start of a […]
Continue reading → [DISPLAY_ACURAX_ICONS]GoDaddy has an interesting feature. If a hacker creates a FREE GoDaddy account they can and have created a whole bushel of mischief. If you have a free account, you can use GoDaddy’s managed DNS service for free for a limited amount of time. Only problem is that GoDaddy didn’t validate that you owned the domain […]
Continue reading → [DISPLAY_ACURAX_ICONS]CSO Online wrote an article on how easy it is to compromise the controls that ISPs and domain registrars have put it place. I will describe it in more detail in a minute, but here is the short version: Businesses are much more concerned about keeping customers happy than they are about keeping customers secure. […]
Continue reading → [DISPLAY_ACURAX_ICONS]