Unwanted Guests with David Brunsdon

Attackers are already living in your DNS, domains, and routers, would you even know they were there? In this BSides Vancouver Island talk, threat researcher David Brunsdon (Infoblox) shows how misconfigured DNS, hijacked domains, vulnerable MikroTik routers, and compromised WordPress sites get chained together into large‑scale malware and fraud infrastructure. Instead of a single “big hack,” you’ll see how everyday admin mistakes quietly fuel botnets, phishing, and data theft. This session is ideal for blue team defenders, threat hunters, incident responders, SOC analysts, and security‑minded infrastructure and DNS administrators who want to stop being “easy mode” for attackers. Key topics include: - How attackers discover and weaponize misconfigured DNS and weak domain security - “Sitting ducks” domain hijacking and why it works so well at scale - How a tiny SPF record mistake lets attackers spoof your domain and abuse email - How botnets, traffic distribution systems, and