Articles

Articles from the SkySiege team covering Cloud Security, Penetration Testing and Advisories

Be the First to Know!

Get notified of our articles as they're available

    Your data is safe - no sharing, no spam.

    Reference: Cracking Weak DKIM

    Reference: Cracking Weak DKIM

    Test A-R53-10 reviews DKIM records to determine if the DKIM key is of a suitable size. As the DKIM key is part of a asymetric keypair we can infer certain properties of the corresponding private key, including the key size. Therefore using small key sizes for DKIM signatures publicly advertises that your private key must also be a small size and therefore subsceptible to cracking.

    The researchers at Jedi Security successfully cracked a 512-bit DKIM key and were able to forge an email with the cracked key which successfully passed DKIM checks across a number of top email service providers.

    reference email domains

    Reference: What's in a name?

    Reference: What's in a name?

    Test A-R53-8 specifically looks for Domains that are due to expire within the next 90 days that do not have any form of auto renewal. We reference the risk for expired domains to get squatted whereby a third party captures the domain and utilises it for ransom, SEO capture or other nefarious schemes. However, there’s an additional level of risk in the data that the domain has implicit ownership over that has been proven by other researchers in the field.

    reference security domains