Infoblox Threat IntelMay 23, 2025

Our latest blog is out! It covers a rising issue that many major organization experiences: Subdomain hijacking through abandoned cloud resources.

This research follows our reporting from earlier in the year about the CDC subdomain hijack. We initially assumed that this was an isolated incident. Well… We were wrong.

We tied some of this activity to a threat actor, dubbed Hazy Hawk, who hijacks high-profile subdomains which they use to conduct large-scale scams and malware distribution.

https://blogs.infoblox.com/threat-intelligence/cloudy-with-a-chance-of-hijacking-forgotten-dns-records-enable-scam-actor/

#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #HazyHawk

The Threat CodexMay 20, 2025
Cloudy with a Chance of Hijacking Forgotten DNS Records Enable Scam Actor
#HazyHawk
https://blogs.infoblox.com/threat-intelligence/cloudy-with-a-chance-of-hijacking-forgotten-dns-records-enable-scam-actor/
Forgotten DNS Records Enable Cybercrime

Learn about a threat actor who discovers lingering DNS records from discontinued cloud services and uses them to deliver scams through adtech.

Infoblox Blog
The DefendOps DiariesMay 20, 2025

Imagine a cunning cyber gang exploiting forgotten DNS records to hijack trusted domains. Could your cloud service be the next target for Hazy Hawk’s sneaky tactics?

https://thedefendopsdiaries.com/hazy-hawk-a-new-threat-in-dns-security/

#dnssecurity
#cyberthreats
#hazyhawk
#domainhijacking
#infosec

Hackread.comMay 20, 2025

MEW: #HazyHawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec 2023.

Read: https://hackread.com/hazy-hawk-attack-abandoned-cloud-assets-since-2023/

#CyberSecurity #CyberAttack #CloudComputer #AWS #Azure

Hazy Hawk Attack Spotted Targeting Abandoned Cloud Assets Since 2023

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto