Cybersecurity Asset Management

DNS Hijacking – Fredrik Nordberg Almroth – ESW #214

January 27, 2021

Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country – the Congo (DRC), .cd – before any bad actors could snatch it up. He will also discuss domain takeovers (TLD as well as subdomains) and how they can be prevented. Key to this is to keep track of your assets and monitor them for vulns. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

DNS Hijacking

Technical description of the .cd hack: https://blog.detectify.com/2021/01/19/dns-hijacking-taking-over-top-level-domains-and-subdomains/

A run-through of the basics of DNS hijacking: https://blog.detectify.com/2021/01/19/dns-hijacking-taking-over-top-level-domains-and-subdomains/

Guests

Fredrik Nordberg Almroth

Fredrik Nordberg Almroth -

Co-Founder & Head of Engineering at Detectify

Hosts

Adrian Sanabria

Adrian Sanabria -

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Paul Asadoorian -

Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields

Tyler Shields -

CMO at JupiterOne

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

Audio

[audio src="http://traffic.libsyn.com/sw-all/ESW_214_-_Fredrik_Almroth-0_converted.mp3"]
prestitial ad