SecurityTrails Blog

The 10 Largest Data Breaches and Leaks: Overview, Impact and Settlements.
SecurityTrails Blog · Sep 14 · by Sara Jelen

The 10 Largest Data Breaches and Leaks: Overview, Impact and Settlements

Today, every company holds some sensitive information that can be of value to malicious actors. To say that we now see cyber attacks and data breaches happen routinely would be an understatement. We’re hit almost weekly with news about attacks crippling entire fuel pipelines, exposing government and largest-enterprise networks to attackers, and personal information belonging to billions of people all around the world put up for sale on the dark web.

Best Cybercrime Investigation and Digital Forensics Courses and Certifications.
SecurityTrails Blog · Aug 31 · by Sara Jelen

Best Cybercrime Investigation and Digital Forensics Courses and Certifications

Cyber criminals target networks in the private and public sector every day, and their threat is growing. Cyber attacks are becoming more common, more menacing, and in the public sector, can compromise public services and put sensitive data at risk. It happens all the time in the private sector too: companies are attacked for trade secrets, customer information and other confidential details. Individuals aren’t spared either and are falling victim to identity theft, fraud and various other types of cybercrime.

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services.
SecurityTrails Blog · Aug 24 · by Ken Pyle

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services

Vendors such as Datto, GeoVision, Synology and others leverage and depend on self-registered services for their products. These devices frequently leak critical data or have insecure design, unintentional or even intentional design decisions and application flaws. Through insecure network design and installation practices, they can be easily mapped, discovered and attacked by cyber criminals via insecure vendor, software and integrator practices.

How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas.
SecurityTrails Blog · Jul 29 · by Luke Stephens

How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas

A while back, SecurityTrails announced that they would be running a contest dubbed “Recon Master”—the aim of which is to find hostnames that resolve to an IPv4 address that haven’t already been found by SecurityTrails. As it had been a while since I flexed my recon muscles, that sounded very interesting to me. These days, the majority of my asset discovery phase is spent literally just using SecurityTrails, so this would force me to think outside of the box and stop being so lazy.