Local Networks Go Global When Domain Names Collide
krebsonsecurity.com
|
Contributed by: Drex DeFord
Summary
The escalation of top-level domains (TLDs) has intensified a security issue where many organizations inadvertently send Microsoft Windows usernames and passwords to domains they do not own, due to previously non-existent TLDs now being available for registration. This flaw, known as "namespace collision," exposes sensitive data because organizations set up their internal authentication systems using what they thought were private domains. Security researcher Philippe Caturegli has been mapping this vulnerability by examining self-signed security certificates, uncovering more than 9,000 suspect domains. A significant portion of these are now registered, potentially allowing third parties to intercept credentials. Caturegli's findings highlight the scale of the issue, revealing that even critical infrastructures and government entities are affected. His research underscores the persistent and pervasive risk posed by outdated network configurations and the need for organizations to adopt more secure internal domain naming practices.