Temporary Permanence

Temporary Permanence

Lukas Vacula's personal website and blog.

27 Feb 24

SubdoMailing Campaign

I came across this while reading my RSS feeds this morning: there's a new ad fraud campaign that is using insecure domains from big names like VMware and Marvel. But the interesting thing for me isn't the names attached, but that it seems so simple of an attack: look for outdated and unregistered domains, and use their existing presence in other companies mail records to bypass spam filters.

Relevant link to Bleeping Computer article