Philippe Caturegli has over 25 years of experience in building, defending, and attacking across all areas of Information Security. He’s been performing penetration tests since the early 2000s, gaining deep expertise across diverse security landscapes. In 2012, he founded Seralys, a boutique cybersecurity company specializing in high value add penetration testing engagements, serving clients in both Europe and North America. Before Seralys, Philippe was a Senior Manager at a Big 4 firm in Luxembourg, where he led Security & Privacy engagements, primarily with financial institutions. Earlier in his career, he held several roles within the information system security department of a global pharmaceutical company in London, managing a heterogeneous network of over 100,000 users under strict regulatory requirements.
X (Twitter): @_titon_
Internal Domain Name Collision 2.0 (<– add to your schedule)
The proliferation of new Top-Level Domains (TLDs) has sparked security concerns primarily around phishing and social engineering attacks. However, the emergence of these new TLDs has broadened the attack surface, making it easier for threat actors to exploit other domain-related vulnerabilities. Our research explored another critical but often overlooked vulnerability: Internal Domain Name Collision. During our research, we examined how legacy systems configured before the TLD boom can become susceptible to these collisions, potentially allowing threat actors to redirect or intercept sensitive internal traffic. This vulnerability can have a ripple effect, impacting even newly installed systems that rely on configurations from those legacy systems (e.g. DHCP, DNS Suffix, etc.). This presentation will showcase our methodology for identifying vulnerable domains and present real-world examples of high-value targets at risk, including a major European city, a US Police Department, and critical infrastructure companies.