cognitive cybersecurity intelligence

News and Analysis

Old WHOIS domain could have issued countless fraudulent TLS/SSL certificates

Researchers at watchTowr Labs spent $20 to purchase an expired .mobi top-level domain (TLD) from an inactive WHOIS server. After a few days, they were hit with around 2.5 million WHOIS queries from over 135,000 distinctive systems. The team’s actions demonstrated that many organisations have not updated their systems to recognise the current .mobi WHOIS server. If a malicious actor had the outdated domain, this could lead to issues such as issuing fraudulent SSL/TLS certificates or obtaining remote code execution.

Source: packetstormsecurity.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Record Coupang fine, attack on Claude Code users, and other cybersecurity news – ForkLog

Record Coupang fine, attack on Claude Code users, and other cybersecurity news – ForkLog

Record Coupang fine, attack on Claude Code users, and other cybersecurity news ForkLog

Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks – Hackread

Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks – Hackread

Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks Hackread

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even

Zero Trust For AI In Defense Networks

Zero Trust For AI In Defense Networks

There is always a moment before the mistake. It is the meeting where someone says the model works. The dashboard looks clean. The demo lands.