Communications of the ACM
Danger Caused by Subdomains
The Security & Privacy Research Unit at TU Wien, in collaboration with Italy's Ca Foscari University, uncovered an important security vulnerability that had been overlooked.
Credit: tuwien.at
A security vulnerability could enable hackers to commandeer Website subdomains and inflict severe damage, according to researchers at Austria's Technical University of Wien (TU Wien) and Italy's Ca' Foscari University.
The vulnerability lies in the persistence of dangling records—links to subdomains no longer in use—where TU Wien's Mauro Tempesta said attackers can establish their own domains.
Such exploits can create vulnerabilities that pose risks to anyone who wants to use the actual site.
The researchers found 1,520 vulnerable subdomains within 50,000 of the world's most critical Websites, and university sites were more likely to be vulnerable, since they have an especially large number of subdomains.
TU Wien's Marco Squarcina said only 15% of those vulnerabilities have been corrected six months after administrators were warned of the threat.
From Technical University of Wien (Austria)
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found