Apologies if this falls foul of the community guidelines, but I believe this has far-reaching implications for Veeam and beyond.
So, there’s a new TLD (Top Level Domain) on the block that everyone is starting to notice: .zip
Yep, that famous compression file extension is somehow a TLD. It has taken no time at all to weaponise. Domains such as officeupdate.zip have been claimed, and people in the infosec community have been trying to reserve potential attack vectors such as ps1.zip.
The worry is that legitimate emails will be written and reference an attachment such as “Veeamsupportlogs.zip” and then the mail client will convert that into a hyperlink. Such functionality happens for other common TLDs in mail applications already. This could redirect legitimate traffic to malicious domains.
The reaction to this TLD is so strong that there are already calls to revoke the TLD completely. In the meantime the best defence is to block any connections to the TLD within your networks.
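
To check whether clients are already reaching the TLD before or after a block goes in, the following added example (not part of the original post) scans proxy log lines and flags requests whose hostname is in .zip, while leaving ordinary downloads of files ending in .zip alone. The log format (timestamp, client IP, method, target), the sample lines and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

BLOCKED_TLDS = {"zip"}  # the TLD discussed in the post

def host_of(target: str) -> str:
    """Return the lowercase hostname of a URL or a bare host[:port]."""
    if "://" not in target:
        target = "//" + target  # make urlsplit parse it as a network location
    try:
        host = urlsplit(target).hostname or ""
    except ValueError:  # malformed target, e.g. unbalanced IPv6 brackets
        return ""
    return host.rstrip(".")  # "officeupdate.zip." is the same name

def in_blocked_tld(target: str) -> bool:
    """True when the *hostname* ends in a blocked TLD (the URL path is ignored)."""
    host = host_of(target)
    return "." in host and host.rsplit(".", 1)[1] in BLOCKED_TLDS

def flag_requests(lines):
    """Return (client_ip, hostname) for every request to a blocked TLD."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:  # skip lines that do not match the assumed format
            continue
        client, target = fields[1], fields[3]
        if in_blocked_tld(target):
            hits.append((client, host_of(target)))
    return hits

# Constructed sample log lines (assumed format: timestamp client method target).
SAMPLE_LOG = [
    "2023-05-16T09:12:01Z 10.0.0.15 GET https://example.com/downloads/Veeamsupportlogs.zip",
    "2023-05-16T09:12:07Z 10.0.0.15 GET http://Veeamsupportlogs.zip/",
    "2023-05-16T09:13:30Z 10.0.0.22 CONNECT officeupdate.zip:443",
    "2023-05-16T09:14:02Z 10.0.0.31 GET https://OfficeUpdate.ZIP./index.html",
    "2023-05-16T09:15:44Z 10.0.0.31 GET https://zip.example.org/archive.zip",
]

if __name__ == "__main__":
    for client, host in flag_requests(SAMPLE_LOG):
        print(f"{client} -> {host}")
```

The first and last sample lines are legitimate file downloads and are not flagged; the second is what a click on an auto-linked attachment name would produce.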