The Corp.com website is being sold (likely price: $1.7 million).
Why should you care? Because many companies use corp.com as their second level domain for their Active Directory. As explained in this helpful article, it means that, “[W]hoever controls corp.com can passively intercept private communications from hundreds of thousands of computers that end up being taken outside of a corporate environment.”
In short, this means that thousands of valid corporate credentials flow to this site when employees are using laptops beyond the company’s firewall (e.g., in a Starbucks).
Fortunately, the person that owns corp.com is not malicious. In the meantime, here’s how to fix the problem.
To receive great cybersecurity content for business leaders, sign up for our monthly newsletter: https://fractionalciso.com/newsletter/