Security feature: dropped and expired domain names

I am researching a feature on “abandoned domain” attacks: how unused or obsolete domain names can be exploited by criminal hackers.

This is often connected to business email compromise or attempts to take over email servers, but there are other ways a disused domain can be exploited.

The piece will look at how these attacks work, how they leverage expired domains, and what they are trying to achieve – exfiltration of data, say, or spreading ransomware.

And the piece will look at how security teams can monitor for domain issues, and potentially regain control of an abused domain.

To submit suggested interviewees, or for more information on the publication and deadline, please email me no later than 2nd December.