{"id":701,"date":"2026-06-10T16:57:37","date_gmt":"2026-06-10T15:57:37","guid":{"rendered":"https:\/\/blogs.it.ox.ac.uk\/nexus\/?p=701"},"modified":"2026-06-10T17:01:36","modified_gmt":"2026-06-10T16:01:36","slug":"typos-and-data-loss","status":"publish","type":"post","link":"https:\/\/blogs.it.ox.ac.uk\/nexus\/2026\/06\/10\/typos-and-data-loss\/","title":{"rendered":"Typos and data-loss"},"content":{"rendered":"\n

Shared by Alex Shakhov<\/a>:

“A European cybersecurity company left a typo in their DNS for over a year, so we registered it.<\/p>\n\n\n\n

We only did that to keep an attacker from getting there first, after they ignored our disclosures across multiple channels. The next day, their own security telemetry started flowing to us.<\/p>\n\n\n\n

The typo was in their DMARC RUA endpoint, so within days we had mapped their sending infrastructure, the vendors sending on their behalf, and even their internal R&D systems, right down to the specific tooling they run and where it’s hosted.<\/p>\n\n\n\n

If an attacker had registered that domain, this would be a GDPR incident with fines and a reputational hit, built from a single typo.<\/p>\n\n\n\n

It doesn’t matter if you have #DMARC p=reject and enterprise-level security controls in place, when the employees touching your DNS are typing the values instead of copying\/pasting them.<\/p>\n\n\n\n

Audit your DNS and confirm you control every domain it points to. There’s no point in strict security controls if one dangling record is leaking your internal data.<\/p>\n\n\n\n

\"Typo<\/p>\n","protected":false},"excerpt":{"rendered":"

Shared by Alex Shakhov: “A European cybersecurity company left a typo in their DNS for over a year, so we registered it. We only did that to keep an attacker from getting there first, after they ignored our disclosures across … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":107,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-701","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/posts\/701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/users\/107"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/comments?post=701"}],"version-history":[{"count":4,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/posts\/701\/revisions"}],"predecessor-version":[{"id":725,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/posts\/701\/revisions\/725"}],"wp:attachment":[{"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/media?parent=701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/categories?post=701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/nexus\/wp-json\/wp\/v2\/tags?post=701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}