Panasonic

Panasonic fell victim to subdomain hijacking by the Hazy Hawk threat group, which exploited misconfigured DNS CNAME records to spread malware and perpetrate online scams. The attackers redirected users to malicious sites through abandoned cloud resources, compromising user trust and exposing users to fraudulent activities. The attack underscores the critical importance of DNS hygiene and automated monitoring to detect and mitigate such misconfigurations.

Source: https://www.techradar.com/pro/security/criminals-hijacking-subdomains-of-popular-websites-such-as-bose-or-panasonic-to-infect-victims-with-malware-heres-how-to-stay-safe

TPRM report: https://scoringcyber.rankiteo.com/company/panasonic

"id": "pan356060525",
"linkid": "panasonic",
"type": "Vulnerability",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Consumer Electronics',
                        'name': 'Bose',
                        'type': 'Corporation'},
                       {'industry': 'Consumer Electronics',
                        'name': 'Panasonic',
                        'type': 'Corporation'},
                       {'industry': 'Health',
                        'name': 'US CDC',
                        'type': 'Government Agency'},
                       {'industry': 'Professional Services',
                        'name': 'Deloitte',
                        'type': 'Corporation'}],
 'attack_vector': 'Misconfigured DNS CNAME records',
 'description': 'Hazy Hawk exploits misconfigured DNS CNAME records to hijack '
                'subdomains of major organizations and spread malware and '
                'scams.',
 'initial_access_broker': {'entry_point': 'Dangling DNS records',
                           'high_value_targets': ['Bose',
                                                  'Panasonic',
                                                  'US CDC',
                                                  'Deloitte']},
 'lessons_learned': 'Organizations must focus on DNS hygiene, using automated '
                    'DNS monitoring tools, and treating misconfigurations as '
                    'critical vulnerabilities.',
 'motivation': 'Spread malware and perpetrate online scams',
 'post_incident_analysis': {'corrective_actions': 'Automated DNS monitoring '
                                                  'and treating '
                                                  'misconfigurations as '
                                                  'critical vulnerabilities',
                            'root_causes': 'Administrative oversight leading '
                                           'to misconfigured DNS CNAME '
                                           'records'},
 'recommendations': 'Individuals should refuse push notification requests from '
                    'unfamiliar sites and organizations should use automated '
                    'DNS monitoring tools integrated with threat intelligence.',
 'references': [{'source': 'TechRadar Pro'}],
 'threat_actor': 'Hazy Hawk',
 'title': 'Hazy Hawk Subdomain Hijacking Campaign',
 'type': 'Subdomain Hijacking',
 'vulnerability_exploited': 'Dangling DNS records'}