Neglected assets

Subdomain is under risk of a takeover

Platform(s)
  • Non-platform specific

Compliance Frameworks

CCPA, CPRA, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, NIST 800-171, NIST 800-53, PDPA

Description

The subdomain CNAME record is redirecting to a subdomain which is not in use anymore and can be registered by anyone. If the domain is not registered and controlled by a trusted party, it could potentially be used for malicious purposes. For example, an attacker could register the domain and use it to host a phishing site or other malicious content, and users who are redirected to the domain via the CNAME record could be at risk of falling victim to these attacks