blog.talosintelligence.com ".Zip" top-level domains draw potential for information leaks
As a result of user applications increasingly registering actual “.zip” files as URLs, these filenames may trigger unintended DNS queries or web requests, thereby revealing possibly sensitive or internal company data in a file’s name to any actor monitoring the associated DNS server
Some more context around the .zip domains.
Introduce yourself!
DFIR Consultant. Been doing this for a number of years now. Background in all aspects of IT starting from Help Desk to SysAdmin, Infra, and then as cybersecurity. Now trying to help anyone who needs it either on the DFIR side or mentoring anyone with an interest in cybersecurity.
