MasterCard recently corrected a glaring error in its domain name server settings that had persisted for nearly five years; a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.
The misconfiguration occurred on one of MasterCard's core Internet servers that direct traffic for portions of the mastercard.com network, effectively allowing DNS traffic to be intercepted or diverted.
All of the Akamai DNS server names that MasterCard uses are supposed to end in “akam.net” but one of them was misconfigured to rely on the domain “akam.ne”.
After discovering the misconfiguration, which had left MasterCard vulnerable to potential security breaches, Caturegli spent nearly three months waiting for the domain to be secured with the registry in Niger.
MasterCard acknowledged the mistake and said there was never any real threat to the security of its operations. “We have looked into the matter and there was not a risk to our systems,” a spokesperson told reporters. “This typo has now been corrected.”
Rather than abusing his access to obtain website encryption certificates or Windows authentication credentials, Caturegli alerted MasterCard that the domain was theirs if they wanted it.
Caturegli had hoped MasterCard would feature, or at least cover the cost to buy the domain. He believes that users are relying on public traffic forwarders or DNS resolvers like Cloudflare and Google.
The fundamental cautionary tale: Don’t dismiss risk, and don’t let your marketing team handle security disclosures.
Registered previously by someone using the email address [email protected], the domain was left to expire in 2018.
This is interesting as another typo domain was registered to [email protected] and hosted at the same ISP, Team Internet (AS61969).
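The akam.net / akam.ne mix-up described above is the kind of error a routine check on a zone's NS records can catch. The following is an added example, not code from the article or from MasterCard: it flags nameserver targets whose suffix is a near miss of the expected provider domain. The zone name, host labels and function names are constructed for illustration.

```python
# Added example: audit a zone's NS targets against the provider suffix you expect.
EXPECTED_SUFFIXES = ("akam.net",)  # per the article, every name should end here

# Constructed sample in `dig +noall +answer NS <zone>` format. The zone and host
# labels are made up; only the akam.net / akam.ne suffixes come from the article.
SAMPLE = """\
zone.example.   86400  IN  NS  a1-10.akam.net.
zone.example.   86400  IN  NS  a2-20.akam.net.
zone.example.   86400  IN  NS  a3-30.akam.ne.
zone.example.   86400  IN  NS  ns1.other-dns.example.
"""

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def ns_targets(text):
    """Yield the lower-cased NS target of each record line, trailing dot removed."""
    for line in text.splitlines():
        fields = line.split()
        if "NS" in fields[:-1]:
            yield fields[fields.index("NS") + 1].rstrip(".").lower()

def audit(text, expected=EXPECTED_SUFFIXES, max_typo_distance=2):
    """Return (host, verdict, nearest_expected_suffix) for every NS target."""
    findings = []
    for host in ns_targets(text):
        if any(host == s or host.endswith("." + s) for s in expected):
            findings.append((host, "ok", None))
            continue
        labels = host.split(".")
        # Compare the host's tail (same label count as the suffix) to each suffix.
        dist, nearest = min(
            (edit_distance(".".join(labels[-(s.count(".") + 1):]), s), s)
            for s in expected)
        if dist <= max_typo_distance:
            findings.append((host, "likely-typo", nearest))
        else:
            findings.append((host, "unexpected", None))
    return findings

if __name__ == "__main__":
    for host, verdict, nearest in audit(SAMPLE):
        print(f"{verdict:12} {host}" + (f"  (expected .{nearest}?)" if nearest else ""))
```

For a live zone, pass the output of `dig +noall +answer NS <zone>` in place of the sample text.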