- Cyber Safety
- Posts
- Reclaimed, Reused, Retargeted: Domains, Docs & Device Gaps
Reclaimed, Reused, Retargeted: Domains, Docs & Device Gaps
In partnership with
Choose the Right AI Tools
With thousands of AI tools available, how do you know which ones are worth your money? Subscribe to Mindstream and get our expert guide comparing 40+ popular AI tools. Discover which free options rival paid versions and when upgrading is essential. Stop overspending on tools you don't need and find the perfect AI stack for your workflow.
Unused Domains Are Being Reactivated for Phishing
Threat actors are re-registering domains that companies let expire—restoring old login portals or rehosting familiar-looking pages for credential capture.
Maintain a list of retired domains. Register critical expired names and redirect them to a neutral page or your bug bounty portal.
Printer Firmware Is Being Used to Establish Persistence
Network printers and MFPs (multi-function printers) running outdated firmware are being exploited to retain malware across resets—acting as silent reentry points.
Update firmware on schedule. Place printers in VLANs with zero internet access and log all outbound connections.
Calendar Invites Are Delivering Payloads via ICS Files
Malicious .ics calendar invites now carry embedded scripts or links to trojanized Zoom backgrounds and meeting tools—bypassing basic AV and browser filters.
Treat unknown ICS files as executables. Sanitize invites from external sources and route through content inspection gateways.
The Gold standard for AI news
AI will eliminate 300 million jobs in the next 5 years.
Yours doesn't have to be one of them.
Here's how to future-proof your career:
Join the Superhuman AI newsletter - read by 1M+ professionals
Learn AI skills in 3 mins a day
Become the AI expert on your team
Intern-Level Roles Have Unexpected Write Privileges
Review of IAM roles across orgs shows that many “read-only” or junior access levels still allow file uploads, data edits, or script execution in test environments.
Create least-privilege access blueprints. Validate all role defaults, especially during intern season or contractor onboarding.
Personal VPNs Are Evading GeoIP Blocking Rules
Remote employees using ProtonVPN, NordVPN, or browser VPNs are routing traffic through unlogged locations—bypassing region-specific controls or security policies.
Enforce VPN allowlists. Monitor traffic patterns for non-corp IPs accessing region-locked or high-risk systems.
Google Docs Comments Are Being Used for Credential Harvesting
Attackers are inserting malicious links or fake support messages into comment threads—exploiting email notifications and document collaboration fatigue.
Require domain-matching on commenters. Alert on links added to shared docs and disable comment email previews for external guests.
The best marketing ideas come from marketers who live it. That’s what The Marketing Millennials delivers: real insights, fresh takes, and no fluff. Written by Daniel Murray, a marketer who knows what works, this newsletter cuts through the noise so you can stop guessing and start winning. Subscribe and level up your marketing game.