SecurityTrails Blog

Recon Safari #4: Domains Riding the Robinhood Wave
During the past couple of weeks, the popular free financial trading app Robinhood made headlines for halting purchases of certain stocks. This has resulted in a lot of bad publicity for the company. And because threat actors enjoy exploiting trending news topics to their advantage, we decided to look at newly registered Robinhood domains to see how they’re being used.

February Product Updates: New HTTP Header Data in SQL Explorer and Improved Tagging
We are excited to announce new features for SurfaceBrowser™. Now you can perform a new range of HTTP header-based queries to get information from our port 443 crawled data, and gain quick access to improved tagging for faster asset discovery.

Who Are Cybercriminals? The 10 Most Infamous Cybercriminals
Throughout human history, crime has been ever-present. Whether it’s burglary, theft, fraud, extortion, vandalism, or more serious offenses, it always followed us. But as technology progresses, criminals find more ways to conduct their illegal activities.

Risks of Expired SSL Certificates
SSL certificates have become an integral part of today’s internet. Allowing the encryption of traffic between host and client has opened up multiple opportunities for services to be accessed from anywhere, further expanding the scope of possibilities the internet has to offer.

Top 10 Cloud Migration Mistakes and How to Avoid Them
Organizations are rushing to move their applications and data to the cloud as cloud adoption rates keep soaring year after year. Whatever the industry or size of an organization, it’s apparent that everyone is moving to the cloud.

Residential Proxies: Types, Usage and Dangers in Cybersecurity
Privacy concerns over a flurry of egregious corporate breach scenarios continue to upend just about any other ‘hot’ technology-related topic out there—a direct reflection of the turbulent digital landscape we find ourselves in and a constant influx of hedonic platforms (e.g., social media) making indiscriminate use of personal data, albeit the dire consequences.

Top 10 Cloud Security Threats and How to Mitigate Them
One thing’s for sure: cloud adoption is going mainstream. It’s grown increasingly obvious that cloud computing has continuously transformed the way organizations of all sizes access, store and share data, thanks to its many benefits of rapid deployment, flexibility, low costs and scalability. But its interconnectedness and many other advantages aren’t the only things cloud computing has brought along with it—security challenges are emerging in today’s cloud era.

What Are Clickjacking Attacks and How Can You Prevent Them?
The ever increasing usage of web applications via mobile devices, installing and launching of malicious apps, GPS location leaks and financial fraud have made clickjacking attacks a lot more dangerous than understood previously. Lack of device security has also made it possible for clickjacking attacks to be a vector for targeted attacks into our personal lives.

Man-in-the-Middle Attacks: When Three’s a Crowd
When you’re browsing the web, you would expect that your communications and the information exchanged are kept private, having not been tampered with in transit. Whether it’s merely login credentials, personally identifiable information or even bank account details, we exchange a lot of information on the Internet every day—and while we expect the utmost security, that certainly isn’t the rule.

Why Not to Set Domains to Private IPs
“An ounce of prevention is worth a pound of cure.” ― Benjamin Franklin The concept of risk is ubiquitous across the cybersecurity landscape. In this day and age, it is difficult to envision any security-conscious organization not having alluded, hopefully more than once, to the serious consequences attached to avoiding the subject, particularly when it comes to protecting its most sensitive digital assets and personal data.