Uncategorized

Generally available: DNS reservations to prevent subdomain takeover in Cloud Services deployments

Microsoft Azure is a cloud platform integrated with data services, advanced analytics, and developer tools and services. When you build on, or migrate IT assets to Azure, we provide a secure, consistent application platform to run your workloads. To strengthen your security posture, we rolled out DNS reservations to prevent subdomain takeover in Cloud Services deployments. Subdomain takeovers enable malicious actors to redirect traffic intended for an organization’s domain to a site performing malicious activity. 

The risks of subdomain takeover include:

  • Loss of control over the content of the subdomain
  • Cookie harvesting from unsuspecting visitors
  • Phishing campaigns
  • Further risks of classic attacks such as XSS, CSRF, CORS bypass

Ensuring that your organization has implemented processes to prevent dangling DNS entries and the resulting subdomain takeovers is a crucial part of your security program. 

Please refer to the DNS reservation feature in Cloud Services to reclaim your subdomain here: Prevent subdomain takeovers

Remediate dangling DNS entries