What Was Once Old Is New Again - Domain Squatting in 2020

Explore a comprehensive conference talk on modernized domain squatting techniques and their implications for cybersecurity. Delve into how traditional domain squatting methods have evolved to incorporate OSINT gathering and weaponized document delivery via email. Discover the alarming accuracy of corporate relationship and supply chain mapping achieved through these techniques, as well as the repurposing of authentic business documents for spear-phishing attacks. Gain insights into the domain registration process, various squatting techniques, defensive strategies, and the scale of the problem. Learn about interdomain categorization, false negatives, and the biggest DNS SOA squat providers. Examine real-world examples and case studies, including a cautionary tale that highlights the potential risks and challenges associated with these tactics. Understand the email model, target classification, and domain setup processes used in modern domain squatting attacks. Suitable for those with a basic understanding of email protocols, DNS, spear-phishing, and supply-chain attacks.