Name: Internal Domain Name Collision 2.0
Start: 2025-06-03T11:00:00-0400
End: 2025-06-03T11:50:00-0400

Streaming: https://mssvideo.vcu.edu/RVAsec

Tuesday June 3, 2025 11:00am - 11:50am EDT

The proliferation of new Top-Level Domains (TLDs) has sparked security concerns primarily around phishing and social engineering attacks. However, the emergence of these new TLDs has broadened the attack surface, making it easier for threat actors to exploit other domain-related vulnerabilities. Our research explored another critical but often overlooked vulnerability: Internal Domain Name Collision. During our research, we examined how legacy systems configured before the TLD boom can become susceptible to these collisions, potentially allowing threat actors to redirect or intercept sensitive internal traffic. This vulnerability can have a ripple effect, impacting even newly installed systems that rely on configurations from those legacy systems (e.g. DHCP, DNS Suffix, etc.). This presentation will showcase our methodology for identifying vulnerable domains and present real-world examples of high-value targets at risk, including a major European city, a US Police Department, and critical infrastructure companies.

Speakers

Philippe Caturegli

Chief Hacking Officer, Seralys

Philippe has over 25 years of experience in building, defending, and attacking across all areas of Information Security. He's been performing penetration tests since the early 2000s, gaining deep expertise across diverse security landscapes. In 2012, he founded Seralys, a boutique... Read More →

Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom F/G

Technical

RVAsec 14

Philippe Caturegli

Attendees (3)

RVAsec 14

Philippe Caturegli

Attendees (3)

Log in to save this to your schedule, view media, leave feedback and see who's attending!