What Was Once Old Is New Again - Domain Squatting in 2020

Explore a comprehensive conference talk on modernized domain squatting techniques and their implications for cybersecurity. Delve into how traditional domain squatting methods have evolved to incorporate OSINT gathering and weaponized document delivery via email. Discover the alarming accuracy of corporate relationship and supply chain mapping achieved through these techniques, as well as the repurposing of authentic business documents for spear-phishing attacks. Gain insights into the domain registration process, various squatting techniques, defensive strategies, and the scale of the problem. Learn about interdomain categorization, false negatives, and the biggest DNS SOA squat providers. Examine real-world examples and case studies, including a cautionary tale that highlights the potential risks and challenges associated with these tactics. Understand the email model, target classification, and domain setup processes used in modern domain squatting attacks. Suitable for those with a basic understanding of email protocols, DNS, spear-phishing, and supply-chain attacks.

Intro
Presentation Overview
Domain Registration Process
What is Domain Squatting
Domain Squatting Techniques
Defensive Domains
How Big is the Problem
First Approach
Levenstein Edit Distance
Possible Squatting Domains
Interdomain Categorization
FortiGate
Access Bank
Domain squatting
Domain registration
DNS records
Domain squatting providers
False negatives
Overlap
Squatting
Biggest DNS SOA squat provider
Top 10 squatted organizations
Domain length
Conclusion
Future Work
A cautionary tale
The challenge
What can we find
Target organization
Picking a domain
Domain setup
What happened
Emails
Data
Domain Classification
PDFs
Xerox
Supply Chain
Email Model
Target and Classification
Plan A
Bianca
Bianca made a mistake
Targets
Domains
Questions