News

|

Feeds

|

Email

BOSTON, June 15, 2023 /PRNewswire/ -- The vulnerability of subdomain takeover in Microsoft Azure continues to pose a threat, with researchers at Keytos discovering approximately 15,000 vulnerable subdomains each month using cryptographic certificates. This relatively common exploit allows cybercriminals to impersonate organizations, launch attacks, and display spam content through legitimate sites. Despite continuous attempts to contact and notify over 1,000 organizations about their domain issues, only 2% have taken action to address the problem.

Subdomain takeover occurs when a domain is left open after deleting an Azure website, providing cybercriminals with a backdoor to create fraudulent sites. These sites appear legitimate since they are hosted on forgotten domains, putting users at risk of credential theft through simple deception. To take preventative measures, Keytos has developed an automated tool called EZMonitor which scans and identifies vulnerable subdomains using certificate transparency logs and checking the availability of Azure-hosted websites. In its first month, EZMonitor identified over 30,000 vulnerable domains, most of which are relatively high-profile organizations that many would think have sophisticated cybersecurity teams within their organizations.

Hardly anyone is aware of the scale and magnitude of this vulnerability. 85% of Fortune 500 companies are currently utilizing Microsoft Azure and are objectively at risk. Microsoft's attempts to address the issue, their solutions like Defender for App Service Dangling DNS detection have not fully resolved the problem, leaving many organizations unknowing vulnerable. Unfortunately, most organizations have not taken the threat seriously, ignoring warnings or only removing the DNS entry without addressing the underlying vulnerability.

These takeovers have severe implications and potential consequences, including the theft of login credentials, legitimizing false information, and distributing malware. End-Users are mostly helpless against these attacks, but they can encourage their organizations to take the issue seriously. Site owners, on the other hand, can take measures to protect themselves. These include implementing certificate transparency monitoring, removing dangling DNS entries, and using Certificate Authority Authorization (CAA) records.

Urgent action is needed to address this critical issue and safeguard domains and users. Keytos' automated scanning tool, EZMonitor, provides an effective means of identifying vulnerable subdomains. It is crucial for organizations to prioritize security and take proactive measures to mitigate this threat.

Want to see if your sites are secure? Keytos offers a free domain scanning tool to examine your organizations' certificates https://portal.ezmonitor.io/

View original content to download multimedia:https://www.prnewswire.com/news-releases/keytos-uncovers-15-000-vulnerable-subdomains-per-month-in-azure-using-cryptographic-certificates-301852495.html

SOURCE Keytos LLC

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

Weekly Recap: 11 Tech Press Releases You Need to See | Jan 22, 2026 Sup AI Sets New Benchmark Record with 52.15% on Humanity's Last Exam | Jan 22, 2026 DEADLINE ANNOUNCED FOR 2026 NEW TOP-LEVEL DOMAIN APPLICATIONS | Jan 22, 2026 Skunk Works® and XTEND Expand Joint All Domain Command and Control for Advanced Mission Execution | Jan 22, 2026 Trigent Partners with WeWork India to Expand its GCC Footprint | Jan 22, 2026 Exia Labs Brings Keystone to the U.S. Navy via DIU's Blue Object Management Challenge | Jan 22, 2026 Altair HyperWorks 2026 Delivers Design and Simulation at Scale with AI | Jan 22, 2026 Glasswall Brings Defense-Level File Sanitization to Every Government Agency and Business Using Microsoft 365 | Jan 22, 2026 Genpact Named a Leader in ISG Provider Lens(TM) 2025 for Insurance GCCs and Agentic AI Services | Jan 22, 2026 The Roadmap to Securing Your Own Digital Domain is Now Available | Jan 22, 2026