Blog
Articles, interviews, and useful tips to help you with everything from starting a Premium Anycast DNS project to securing your organization against cyberthreats.
The internet powers our world - but it also fuels cybercrime. Every day, phishing campaigns, malware, and botnets target businesses and individuals alike. Combating this scale of threat requires constant vigilance, collaboration, and intelligence sharing. At Excedo Networks | Security Operations Center | Digital Crimes Unit (DCU), we are on the frontlines of this battle. Our team operates 24/7/365, detecting and disrupting internet-related crimes in real time. Because when cybercriminals do not rest, neither can we.
The upcoming Swedish Cybersecurity Act, which is based on the EU's NIS2 Directive, is often described as yet another heavy burden on organizations. But I would like to challenge that view. In fact, this law could mark the beginning of a new era: one in which cybersecurity is no longer a side issue, but a strategic opportunity and a key to competitiveness.
On August 23, 2025, IT supplier Miljödata AB was hit by a major cyberattack that knocked out important HR systems in over 160 Swedish municipalities and several regions. Miljödata supplies the Adato rehabilitation and HR system, which is used by 80% of Sweden's municipalities. The attack resulted in the theft of personal data for over one million Swedish citizens—including names, personal identification numbers, addresses, and contact details—linked to employees in municipalities such as Stockholm, Gothenburg, Linköping, and others.
Cloudflare is a linchpin of the modern Internet’s infrastructure, yet its “content-neutral” stance has repeatedly allowed phishing, malware, and extremist sites to hide behind its network. Security researchers warn that about 10.05% of all spam/malicious domains use Cloudflare’s nameservers, and that attackers routinely move flagged domains behind Cloudflare to “disguise the backend.”
Email remains one of the most exploited channels for cyberattacks. As cyber threats evolve, so too must the tools we use to protect against them. One of the most powerful standards in email security – DMARC (Domain-based Message Authentication, Reporting, and Conformance) – is undergoing a major evolution. The proposed update, known as DMARCbis, is a revised version of the original DMARC standard (RFC 7489) and is working its way through the IETF standardization process. This deep dive will review the DMARCbis specification from both technical and strategic angles, explain how it improves upon the original DMARC protocol, compare it with other email authentication methods (SPF and DKIM), and discuss what businesses should know as they prepare for this next era of email security.
In the world of cybersecurity, even small configuration oversights can lead to big problems. One such often-overlooked issue is dangling DNS records – DNS entries that point to resources that have been moved or decommissioned but were never removed from the DNS. In simple terms, these are stale DNS records still lingering in your configurations. They may seem harmless, but dangling DNS records can open the door for attackers to hijack your subdomains, impersonate your organization’s services, or intercept sensitive communications. For public sector agencies and IT administrators responsible for critical domains, ignoring DNS hygiene can have serious security implications. In this article, we explain what dangling DNS records are, why they are dangerous, and how to resolve and prevent them from a security perspective.
Our previous articles on Cloudflare have highlighted how the company's global infrastructure can, paradoxically, protect cybercriminals and how Cloudflare's own processes fall short when it comes to dealing with abuse. We have seen that Cloudflare's free platforms for pages and scripts are widely used for phishing and spreading malware, and that abuse reports are often met with automatic rejections instead of swift action. Critics have pointed to a ‘blind spot’ at Cloudflare: that the company's enormous reach and business model sometimes outweigh proactive security.
Cloudflare sits behind one in five websites, promising speed and security. But the same infrastructure now hides an industrial-scale phishing economy. For six (6) months we tracked more than 600 fake tiquetesbaratos.com fraud domains - multiple hosted on pages.dev or workers.dev, and fraud domains leveraging the Cloudflare reverse-proxy DNS services. Abuse reports met the same copy-paste dismissal: “Unable to confirm phishing.” This article investigates why Cloudflare’s processes fail, how that failure fuels criminals, and what lawmakers must do next.
In today’s evolving cyber threat landscape, email remains the most exploited attack vector. Business Email Compromise (BEC), phishing, spoofing, and impersonation attacks continue to surge, targeting enterprises, customers, and supply chains alike. As organizations strengthen their perimeter defences, securing the email channel has become not just a compliance requirement - but a critical business enabler. This is where DMARC (Domain-based Message Authentication, Reporting & Conformance) plays a pivotal role.
Cloudflare’s global content‑delivery and security network protects more than 30 million Internet properties. Yet the very features that shield legitimate sites - reverse‑proxy DNS, free developer platforms and low‑friction onboarding - also cloak phishing kits, malware command‑and‑control servers and extremist forums.
Cybercrime is Booming: The past year has seen an unprecedented surge in cybercrime activity, much of it underpinned by domain name abuse. The total number of malware, phishing, and spam attacks grew by 54% year-over-year to reach 16.3 million incidents, with threat actors weaponizing an estimated 8.6 million unique domain names for these attacks.
What is new since Excedo’s October 2024 primer on KYC for domain name registrants? Why Article 28 still matters.
In today’s hyper-connected digital world, every millisecond matters - and so does every moment of downtime. While enterprises invest heavily in application availability, failover systems, and global content delivery, one crucial piece of infrastructure is often overlooked: Recursive DNS (Domain Name System). If your recursive DNS is not robust and resilient, your entire online presence is at risk - even if your servers are flawless. Here is why your business should prioritize a high-availability DNS strategy.
In the ever-shifting landscape of cybercrime, malicious actors are continuously finding new ways to obscure their activities, evade detection, and resist takedown efforts. One particularly concerning trend is the abuse of Autonomous System Numbers (ASNs) to build and maintain bulletproof hosting (BPH) infrastructure. While bulletproof hosting is not a new concept, the exploitation of rogue or compromised ASNs adds a troubling level of persistence and control - making it far more difficult for cybersecurity teams and law enforcement to dismantle malicious operations.
As cyber threats evolve, so too must the tools we use to protect against them. One of the most powerful standards in email security - DMARC (Domain-based Message Authentication, Reporting, and Conformance) - is undergoing a major evolution. The proposed update, known as DMARCbis, is a revised version of the original DMARC standard (RFC 7489), currently working its way through the IETF standardization process.
The cybersecurity landscape has undergone a dramatic transformation in recent years, driven by the rapid advancement of artificial intelligence and machine learning technologies. Traditional network security tools such as firewalls and antivirus software, while still important, are increasingly outpaced by sophisticated, AI-powered threats that can adapt and evolve in real-time. To stay safe in this landscape, organisations need advanced threat intelligence capabilities to identify, prevent, and respond to emerging threats before they can cause significant damage.
The rise of AI in cybersecurity has created a paradigm shift: while AI empowers attackers to create more sophisticated threats, it also enables defenders to develop more effective threat intelligence systems. This dynamic has made threat intelligence an essential component of modern cybersecurity strategy.
In today’s digital world, email remains one of the most widely used - and most targeted - communication channels. To combat rising threats like phishing, spoofing, and spam, Microsoft Outlook is rolling out new authentication requirements for high-volume senders (defined as those sending over 5,000 messages per day). These changes aim to create a more trustworthy and secure email ecosystem.
In today's digital landscape, a brand's online presence extends far beyond a single website. Enterprises typically maintain numerous digital touchpoints, including multiple websites, mobile applications, web applications, and APIs that connect numerous services and systems. While this digital ecosystem enables efficient operations and enhanced customer experiences, it also presents an expanded attack surface that cybercriminals actively exploit. The cost of such exploitation can be extremely high. Beyond the immediate financial losses of a successful attack, which averaged $4.35 million per data breach in 2022, organisations can also face long-term reputation damage, loss of customer trust, regulatory penalties, and potential legal liabilities if they do not properly protect themselves.
DNSSEC is an essential feature for ensuring the integrity and security of your online presence. Without it, you expose your users to fraud and risk your organisation’s reputation. However, implementing DNSSEC can be complicated, especially for large domain portfolios with thousands of domains.
One of the biggest online vulnerabilities for organisations today is lack of control of their digital assets, which leaves the doors open for all kinds of abuse, including brand impersonation and domain takeovers. The consequences of this, both to brand reputation and finances, can be severe. But there is an easy way to prevent this - proper management.
Google has made email branding more accessible for organisations of all sizes by introducing Common Mark Certificates (CMC) as an alternative to Verified Mark Certificates (VMC) for BIMI implementation. This change allows organisations to display their logo in Gmail inboxes without the need for trademark registration, significantly reducing the cost and complexity of enhanced email security.
Taking down an abusive domain is not as simple as it may appear. You can always report abuse, but this does not always mean the domain will be taken down or preventive actions will be taken to avoid further abuse. An expert ensures the many challenges that can arise in the process are dealt with quickly and efficiently to protect your brand.
Setting up a DMARC policy is not a one-time task. To stay safe from threats in the long run, organizations need to continuously manage their DMARC policy to ensure all domains are covered and properly protected. Just as organizations continuously change and evolve, so must DMARC.
The impact of AI across industries is undeniable and it will only grow as AI develops further. However, just as AI has the potential to increase the efficiency of many processes and tasks, it can also increase the efficiency and scale of cyberattacks. To stay protected, security must adapt to these evolving threats.