Threat around Google’s .zip TLD


If you haven’t read about it yet, here are some important details to know:
Recently, a new top-level domain (TLD) called .zip was introduced by Google. While the creation of new TLDs can bring exciting opportunities, it also opens the door to potential security risks. Attackers could exploit this new TLD to deceive users and execute malicious activities, posing a significant threat to our online safety.

Can you quickly tell which of the URLs below is legitimate and which one is a malicious phish that drops evil.exe?

https://github.com∕kubernetes∕kubernetes∕archive∕refs∕tags∕@v1271.zip

https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.27.1.zip

To read more about it, check out this article from Medium.com:
https://medium.com/@bobbyrsec/the-dangers-of-googles-zip-tld-5e1e675e59a5
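To see why the two URLs above lead to different places, the following added example (not CyRay's deployed rule and not code from the Medium article) parses each one as a browser would and reports the real host. The lookalike character list, the finding names, and the `analyze` helper are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Characters that render like "/" but are not URL path separators.
# U+2044 FRACTION SLASH and U+2215 DIVISION SLASH (assumed list, not exhaustive).
SLASH_LOOKALIKES = {"\u2044", "\u2215"}
# TLDs that are also common file extensions (only the one this page discusses).
FILE_EXT_TLDS = {"zip"}


def analyze(url):
    """Return (real_host, findings) for a URL.

    Everything between "//" and the first real "/" is the authority.
    Inside it, text before the last "@" is userinfo, not the host.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    userinfo = parts.netloc.rpartition("@")[0]
    findings = []
    if userinfo:
        findings.append("userinfo-present")
    if any(ch in SLASH_LOOKALIKES for ch in parts.netloc):
        findings.append("slash-lookalike-in-authority")
    if host.rpartition(".")[2] in FILE_EXT_TLDS:
        findings.append("file-extension-tld")
    return host, findings


# Constructed samples mirroring the two URLs shown above.
# The first uses U+2215 in place of "/" and an "@" before the real host.
SAMPLES = [
    "https://github.com\u2215kubernetes\u2215kubernetes\u2215archive"
    "\u2215refs\u2215tags\u2215@v1271.zip",
    "https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.27.1.zip",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        real_host, flags = analyze(sample)
        print(f"{real_host:12} {flags or 'no findings'}")
```

The first sample resolves to the host `v1271.zip` with all three findings raised, while the second resolves to `github.com` with none, because there `.zip` is only the end of the path.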

Our brilliant team at CyRay has already deployed a robust rule specifically designed to mitigate the risks associated with the Google .zip TLD. This rule has been incorporated into our system, providing an additional layer of defense against potential attacks.

By deploying this rule promptly, we have proactively fortified our network security, ensuring that our employees, clients, and partners can continue to operate with confidence and peace of mind. We understand the importance of staying ahead of emerging threats and investing in cutting-edge technologies to maintain the highest level of security for our stakeholders.

While this specific security measure addresses the Google .zip TLD threat, it is crucial to remain vigilant and adaptable in the face of evolving cybersecurity challenges. Our team is continuously monitoring emerging trends and potential vulnerabilities to ensure that we remain at the forefront of cybersecurity innovation.

#Cybersecurity #NetworkSecurity #GoogleZipTLD #CyRay
