Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Weak-Kneed GoDaddy Security Implementation Permits Large-Scale Email Bomb Threat Transmissions

January 28, 2019 by Marc Handelman in Blatant Incompetence, Information Insecurity

via the highly respected Dan Goodin - Security Editor at Ars Technica, comes the story of a fundamental design weakness at GoDaddy, Inc. (NYSE: GDDY), whcih permitted thousands of domains registered at GoDaddy, Inc. to be hijacked, leading to bomb-threat emails to be processed and delivered on December 13, 2018 (email-serving related data is contained in DNS records - which is not the flaw specifically).

Perhaps a modicum of diligence in ferreting out flaws (ideally on a continuous basis), instead of focusing on creating bullshit laden advertising touting your company's misaligned-to-reality information security architecture and engineering capabilities is in order GoDaddy, Inc.... Let's get those prioritties aligned correctly, and you'll end up with a posture that's squared-away.

January 28, 2019 /Marc Handelman
Blatant Incompetence, Information Insecurity
  • Newer
  • Older