New CSC Research Finds One in Five DNS Records are Susceptible to Subdomain Hijacking Due to Insufficient Cyber Hygiene
CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its “Subdomain Hijacking Vulnerabilities Report” that reviewed over 440,000 DNS records and found that over 21% of DNS records point to content that does not resolve, leaving many companies vulnerable to subdomain hijacking. Additionally, over 277,000 (63%) show error status codes such as “404 not found” or “502 bad gateway.”
DNS records housekeeping is historically one of the most frequently neglected tasks due to a long history of different owners, policies, and vendors. Digital records accumulate over time, and administrators who may be unaware of each domain’s history are hesitant to delete legacy records fearing they may be tied to critical infrastructure. This buildup of inactive zones that do not point to content are known as “dangling DNS” and are at risk of subdomain hijacking. Subdomain hijacking is where an attacker gains control of a legitimate subdomain that is no longer in use to host their own fraudulent or malicious content. This opens a gateway for other cyberattacks such as phishing, malware, and ransomware.
“With 21% of major organizations vulnerable to subdomain hijacking, we needed to ensure a way for our clients to secure their online ecosystem from an array of threats that could jeopardize long-term brand integrity,” says Ihab Shraim, chief technology officer of CSC’s Digital Brand Services. “This is why CSC is introducing its new Subdomain Monitoring and Enforcement product—the first and only technology in the market to ease the burden of tracking and maintaining DNS records and purging unused zone records to prevent a subdomain hijack. With this technology, enterprises can proactively disrupt criminals who previously attempted to target their customers, employees, and partners, and mitigate the threat targeting their brands.”
The Subdomain Monitoring and Enforcement technology is powered by CSC’s one-of-a-kind DomainSecSM threat intelligence platform, and alerts DNS administrators and security engineers when changes to their zone records are detected. It also provides context on those changes so organizations can take informed actions to prevent future subdomain hijacking and conduct enforcement takedowns. With this solution, enterprises can clean up legacy records over time, and easily integrate with the DomainSec platform. This solution for domain management, brand protection, and anti-fraud solutions provides greater visibility on threat vectors targeting global domain portfolios.
“Organizations with diverse brand portfolios and global operations are often unaware of the scale of their digital footprint as digital records accumulate over time, and this makes maintaining cyber hygiene a real challenge,” said Mark Calandra, president of CSC’s Digital Brand Services. “Many do not realize that critical vulnerabilities exist with subdomains. With our new Subdomain Monitoring technology, enterprises will have the visibility necessary to strengthen their DNS cyber hygiene and attack surface management while also having more effective measures in place to protect against cyberattacks.”
To learn more about CSC’s approach to domain security, visit cscdbs.com. Download the “Subdomain Hijacking Vulnerabilities Report” here.
About CSC
CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230418005012/en/
Contact information
For more information:
W2 Communications
CSC@w2comm.com
CSC News Room
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Presidio Investors is Pleased to Announce the Addition of Christian Schütte as Its Newest Operating Partner12.5.2025 20:04:00 EEST | Press release
Christian brings more than 20 years of global experience in investment banking, private equity, and operational leadership, with a proven track record of driving transformational growth across industries. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250512473756/en/ Christian Schütte Christian began his career at J.P. Morgan in New York and London, where he worked in the M&A and Corporate Finance teams. He later joined Fortress Investment Group and was instrumental in launching its German operations. During his tenure, he helped raise over €1.5 billion in equity and managed a wide array of investments, including non-performing and performing loans, private and public companies. He went on to join EQT Group, where he focused on mid-market growth and succession investments. Notably, he led the consolidation of nine digital marketing agencies into a €100 million market leader, building one of the most comprehensive digital ma
Introducing Joblio – The Future of Ethical Recruitment12.5.2025 19:30:00 EEST | Press release
Joblio, a global ethical recruitment platform, officially launches today to tackle the broken labor migration system—long plagued by exploitative intermediaries, high recruitment fees, and human rights abuses. With its tech-driven model, Joblio connects vetted workers with employers directly, eliminating unethical middlemen and ensuring cost-free hiring for migrant workers. Employers fund access to talent, but workers never pay—a key step in ending exploitation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250512628048/en/ A Mission Rooted in Personal Experience Joblio is led by Jon Purizhansky, a refugee-turned-entrepreneur who experienced migration challenges firsthand. Forced to flee his home country as a young man, Jon faced the uncertainty and vulnerability that millions of migrant workers still encounter today. Now a globally recognized expert in global labor migration law and international workforce mobility, Jon ha
DEWA Announces Record Quarterly Revenue of AED 5.96 Billion and Quarterly Cash from Operations of AED 3.85 Billion12.5.2025 18:06:00 EEST | Press release
Dubai Electricity and Water Authority PJSC (ISIN: AED001801011) (Symbol: DEWA), the Emirate of Dubai’s exclusive electricity and water services provider, listed on the Dubai Financial Market (DFM), reported its first quarter 2025 consolidated financial results, recording quarterly revenue of AED 5.96 billion, EBITDA of AED 2.43 billion, operating profit of AED 838 million and net profit of AED 496 million. The company also generated a record net cash from operations of AED 3.85 billion resulting in closing cash and cash equivalents of AED 8.17 billion, which is AED 2.07 billion higher than the balance as at year-end 2024. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250512715455/en/ Dubai Electricity and Water Authority announces record quarterly revenue of AED 5.96 billion and quarterly Cash from Operations of AED 3.85 billion (English Graphic: AETOSWire) “We are progressing in our journey to Net Zero by 2050 and will con
Alisher Usmanov Wins Legal Case Against Luxembourg’s Largest Media Group, Says Law Firm Rechtsanwälte Steinhöfel12.5.2025 15:43:00 EEST | Press release
A German court has banned Mediahuis Luxembourg S.A., the most important media holding in Luxembourg, from referring to Alisher Usmanov as the owner of the yacht Dilbar. Mediahuis Luxembourg is the leading publishing company in Luxembourg, with such assets as newspapers and online platforms, including Luxemburger Wort, Luxembourg Times and others. On May 5, 2025, the Regional Court of Hamburg ruled that the following statement published by Luxembourg Times was false and prohibited its further publication: “The luxury yacht Dilbar was seized in Hamburg’s harbour in 2022 following Russia’s invasion under EU sanctions. The yacht is owned through a company and trust by Uzbek-Russian billionaire Alisher Usmanov.” The court found the statement to be in violation of Mr. Usmanov’s rights and prohibited its distribution. In the event of non-compliance with the prohibition, Mediahuis may be fined up to €250,000 for each individual offense. Moreover, if such a fine is not enforceable, it may be re
REPLY: The Board of Directors Approves the Quarterly Report Dated 31 March 202512.5.2025 15:23:00 EEST | Press release
Today, the Board of Directors of Reply S.p.A. [EXM, STAR: REY] approved the results as at 31 March 2025. Since the beginning of the year, the Group has recorded a consolidated revenues amounting to €603.4 million, an increase of 8.9% compared to the corresponding data for 2024. All indicators are positive for the period. In the first quarter of 2025 the consolidated EBITDA was €105.3 million compared to €87.3 million in 2024, equal to 17.5% of the turnover. EBIT, from January to March, was €88.7 million (€72.1 million in 2024) and is equal to 14.7% of the turnover. The profit before tax, from January to March, was €86.9 million (€73.1 million in 2024), equal to 14.4% of the turnover. The net financial position of the Group on 31 March 2025 is also positive by 537.0 million. The net financial position on 31 December 2024 was positive for €349.1 million. “The close of 2024 and the positive start of 2025,’ said Mario Rizzante, Reply Chairman, ‘reaffirm both the solidity of the Reply model
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom