1. Forum
  2. Usenet
  3. MISC.NEWS.INTERNET.DISCUS

  • MasterCard DNS Error Went Unnoticed for Years

    From JAB@21:1/5 to All on Sun Jan 26 06:55:06 2025
    MasterCard DNS Error Went Unnoticed for Years

    The payment card giant MasterCard just fixed a glaring error in its
    domain name server settings that could have allowed anyone to
    intercept or divert Internet traffic for the company by registering an
    unused domain name. The misconfiguration persisted for nearly five
    years until a security researcher spent $300 to register the domain
    and prevent it from being grabbed by cybercriminals.
    ...
    ...
    The researcher said he'd hoped that the credit card giant might thank
    him, or at least offer to cover the cost of buying the domain.
    ...
    ...
    "Don't be like Mastercard," Caturegli concluded in his LinkedIn post.
    "Don't dismiss risk, and don't let your marketing team handle security disclosures."

    https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Trew@21:1/5 to JAB on Wed Jan 29 11:28:05 2025
    On 1/26/2025 7:55 AM, JAB wrote:
    MasterCard DNS Error Went Unnoticed for Years

    The payment card giant MasterCard just fixed a glaring error in its
    domain name server settings that could have allowed anyone to
    intercept or divert Internet traffic for the company by registering an
    unused domain name. The misconfiguration persisted for nearly five
    years until a security researcher spent $300 to register the domain
    and prevent it from being grabbed by cybercriminals.
    ...
    ...
    The researcher said he'd hoped that the credit card giant might thank
    him, or at least offer to cover the cost of buying the domain.
    ...

    Would'a been funny if he had diverted the traffic instead of securing
    other people from doing it.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)