9 min listen
The various ways attackers can mess with URLs, TLDs and DNS
FromTalos Takes
ratings:
Length:
14 minutes
Released:
Jun 30, 2023
Format:
Podcast episode
Description
We decided to have a web navigation extravaganza this week! Guilherme Venere and Jaeson Schultz from Talos Outreach have both long been researching the ways in which bad actors try to damage users' inherent trust in the internet. Most internet users interact with the web by typing in a URL or domain name into their web browser (i.e., google.com) expecting that will take them to the right place. But attackers have found various ways to mess with that series of handshakes that must take place. Guilherme and Jaeson talk to Jon about their past years of research into typosquatting domains, new TLDs that open up the door to data leaks, DNS manipulation and more. Additional reading:".Zip" top-level domains draw potential for information leaksDNS Hijacking Abuses Trust In Core Internet ServiceSea Turtle keeps on swimming, finds new victims, DNS hijacking techniquesSecurity implications of misconfigurationsDomain dumpster diving
Released:
Jun 30, 2023
Format:
Podcast episode
Titles in the series (100)
Talos Takes Ep. #58: It's time to get serious about protecting critical infrastructure by Talos Takes