Hostile subdomain takeover

Description

One of the subdomains of the scanned domain is pointing to an external service but the external service account was cancelled or has expired. Because the account is not in use anymore, an attacker can claim this account and takeover your subdomain. The attacker can use this subdomain for phishing or to spread malware.

Remediation

It's recommened to reconfigure the DNS settings for this subdomain or remove the DNS entry pointing to the external service.

References
Severity
Classification
Tags
  • Configuration