Are you using A records in a domain you own and pointing at their IPs? I'm not aware of any security vulnerability exploiting A vs CNAME. If they are hosting on a domain they own vs one you own, the use of a CNAME would allow them to change the A record IP without less impact to you, it would also allow them to remove the A record and effectively stop traffic targeting the host via a resolved IP.
Hi,
Sorry if this is a bit OT. Recently several different vendors (in completely different fields) where they white label for us asked us to remove A records that we have going to them and replace them with CNAME records. Is there anything *going around* in the security aranea that has caused this?