all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

".zip" top-level domains draw potential for information leaks

Add to bookmarks
June 13, 2023, 12:03 p.m. | Guilherme Venere

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

As a result of user applications increasingly registering actual “.zip” files as URLs, these filenames may trigger unintended DNS queries or web requests, thereby revealing possibly sensitive or internal company data in a file’s name to any actor monitoring the associated DNS server

actor applications data dns dns server domains file files information internal landing page top story leaks may monitoring name on the radar requests result server threats top story trigger urls web zip

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

The private sector probably isn’t coming to save the NVD 2 days, 14 hours ago | blog.talosintelligence.com
arcanedoor coming cybercrime isn +9
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 2 days, 20 hours ago | blog.talosintelligence.com
adversaries attacks bec bec attacks +17
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 3 days, 16 hours ago | blog.talosintelligence.com
apt campaign campaigns devices +15
Suspected CoralRaider continues to expand victimology using three information stealers 4 days, 20 hours ago | blog.talosintelligence.com
apt argument bypass command +17
What’s the deal with the massive backlog of vulnerabilities at the NVD? 1 week, 1 day ago | blog.talosintelligence.com
backlog current deal management +10
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation? 1 week, 2 days ago | blog.talosintelligence.com
account blocked court disinformation +8
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 1 week, 3 days ago | blog.talosintelligence.com
cisco cisco talos code confidential +20
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials 1 week, 4 days ago | blog.talosintelligence.com
attacks brute brute-force cisco +24
The internet is already scary enough without April Fool’s jokes 2 weeks, 2 days ago | blog.talosintelligence.com
april backdoor community internet +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs