Last Week As A vCISO

Share this post

Don't Forget The Details

www.lastweekasavciso.com

Don't Forget The Details

Sometimes we spend all this time securing our infrastructure, workloads, and systems, but we forget the simple things. One of those things is Domain Name hijacking.

Ayman Elsawah
Mar 7, 2021
Share this post

Don't Forget The Details

www.lastweekasavciso.com

Sometimes we spend all this time securing our infrastructure, workloads, and systems, but we forget the simple things. One of those things is Domain Name hijacking.

Your domain name is really important to protect. Not only does it control your main webpage, but there are likely TONS of subdomains pointing to things from marketing landing pages to experimental and one off servers.

Taking over a whole domain or DNS entries is a like hitting a gold mine for an attacker. They can be subtle and only change minor entries or noisy and just shut down your website completely.

I put together a list of things you can do to protect your domain name.

  • Ensure contact details are made through anonymous/private registration

  • Ensure contact details are updated and accurate

  • Enable 2FA with your domain providers login (do not use SMS)

  • Lock your account to disable transferring until unlocked

  • Ensure the domain in your contact details have the same protections

You can also see an updated list on the CSL Docs Page: https://docs.cloudsecuritylabs.io/glossary#15-domain-hijacking-protection-and-prevention

Share this post

Don't Forget The Details

www.lastweekasavciso.com
Previous
Next
Comments
TopNewCommunity

No posts

Ready for more?

© 2023 Ayman Elsawah
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing