Article 3XJVD Lapsed domain names paint "hack me" target on law firms

Lapsed domain names paint "hack me" target on law firms

by
Rob Beschizza
from on (#3XJVD)

3D_Judges_Gavel.jpg

Law firms are singularly bad at technology, yet present a singularly delicious target to hackers. One particular vulnerability comes from all their abandoned domain names, which Gabor Szathmari writes "pose a significant cyber risk to the legal profession."
Domain name abandonment allows cybercriminals to gain access to, or reset passwords for online services and profession-specific portals. These online services store documents, emails and other information relating to a legal practice, including financial details, personal information, confidential information and client-legal privileged information. ...In short, bad actors can re-register an abandoned domain of a business and take full control of email services configuring it to: receive email correspondence sensitive in nature; and use the email accounts to reset passwords to online services.
External Content
Source RSS or Atom Feed
Feed Location https://boingboing.net/feed
Feed Title
Feed Link https://boingboing.net/
Reply 0 comments