3 matches found
Supply Chain Insecurity: Exposing Vulnerabilities in IOS Dependency Management Systems
Dependency management systems are a critical component in software development, enabling projects to incorporate existing functionality efficiently. However, misconfigurations and malicious actors in these systems pose severe security risks, leading to supply chain attacks. Despite the widespread...
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System DNS records. The hijacked domains are then used to host URLs...
Scan your exposure to domain and subdomain hijacking over 10's of cloud providers
Domain Hijacking is a well-known security issue that can be carried in many different ways. In addition to social engineering or unauthorized access to the domain owner’s account, the exploitation of neglected DNS records configured for cloud services is increasingly common. In the latter case, a...