New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


World’s First Domain Registrar Network Solutions Discloses Breach

World’s first domain registrar Network Solutions disclosed a security breach that happened in late August of 2019 and allowed a third-party to infiltrate some of the company’s computing systems without authorization and potentially access some customers’ Personally Identifiable Information (PII). Network Solutions stated in their breach notice, “On October 16, 2019, Network Solutions determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.” More information on this breach can be found here:

Analyst Notes

Network Solutions has notified affected customers and will also require all of its clients to reset their account passwords on their next login. This may indicate that customer passwords were accessed by attackers. Access to domain name accounts is highly sought-after by attackers because control over a domain can facilitate many kinds of fraud impacting the company’s brand image, or used to trick customers into disclosing private information to the attacker’s website, thinking it belongs to the trusted company whose domain name was stolen. It is advisable to keep passwords unique to the individual login and to make them complex through the use of case-sensitive characters, numbers and special characters. There are several password managers available that could help with organizing and tracking passwords.