Ronald Guilmetteについて、ここに記述してください。

Spammy Bear

https://krebsonsecurity.com/tag/ron-guilmette/

1. Krebs

https://krebsonsecurity.com/2019/02/crooks-continue-to-exploit-godaddy-hole/

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains.

But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal.

Researcher Ron Guilmette discovered that 
Spammy Bear was able to hijack thousands of these dormant domains for spam simply by registering free accounts at GoDaddy and telling the company’s automated DNS service to allow the sending of email with those domains from an Internet address controlled by the spammers.

the mitigation steps we took to prevent the dangling DNS issue

“Our DNS servers have not been compromised,” Race said. 
“The examples provided were dangled domains that had zone files created by the threat actor prior to when we implemented our mitigation on January 23.

 These domain names were parked until the threat actors activated them.
 They had the ability to do that because they owned the zone files already.
 We’re continuing to review customer accounts for other potential zone entries.”


https://krebsonsecurity.com/2019/01/bomb-threat-sextortion-spammers-abused-weakness-at-godaddy-com/

Jan 19 Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com