In February, Mike O’Connor expressed interest in selling the “corp.com” domain with hopes that Microsoft would buy it. In early versions of Windows that supported Active Directory, the default or example domain was “corp.” This domain would be particularly dangerous if a threat actor were to control it, due to the fact that many corporate domains used this default suggestion instead of a domain name owned by the company. When endpoints try to access an Active Directory-mapped device like a network share, DNS settings may allow that endpoint to communicate online first, initiating a connection to the third-party corp.com domain instead. Research showed that even recently, hundreds of thousands of computers around the world attempt to send sensitive information to the corp.com domain. Earlier this week, O’Connor wrote to Brian Krebs to say that Microsoft had bought the domain from him for an undisclosed amount. Microsoft has since said that it bought the domain to protect its customers.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.