Security News > 2020 > February > Corp.com is up for sale – check your Active Directory settings!
No one would be daft enough to use an Active Directory domain that they didn't own, right? Unfortunately, early versions of Windows that ran Active Directory used corp as the default Active Directory domain.
So if you have corp at the end of your Active Directory domain and you look up hr-portal.
An unscrupulous buyer could potentially use that domain as a watering hole for anyone whose company still uses corp at the end of its Active Directory domain suffix list.
If the domain falls into less benevolent hands, someone could use it to mount attacks on companies that haven't switched out their corp Active Directory domains or installed updates.
What should companies do about this? Unfortunately, explains Schmidt, it's very difficult to get rid of the corp domain once it's in your Active Directory.