Security News

The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com. In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer's domain name.

GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.

A research team found that thousands of websites were tricking users into entering credit card information by spoofing trustworthy sites.

Godaddy.com, the world's largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But...

A bomb threat spam campaign that hit North America last month may have been engineered using a flaw in GoDaddy’s domain management process, it was revealed this week.

Two of the most disruptive and widely-received spam email campaigns over the past few months -- including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools,...

Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets.

A publicly accessible Amazon S3 bucket was found storing documents apparently detailing GoDaddy infrastructure running in the Amazon AWS cloud, UpGuard reveals. read more

GoDaddy has entered into an agreement to purchase Sucuri, a provider of website security products and services. Financial details of the transaction were not disclosed. Sucuri is a security...

A bug in GoDaddy's domain validation process forced the registrar to revoke SSL certificates and reissue certs for more than 6,000 customers.