Incident: Re-generate API keys due to open Elasticsearch server
TL;DR: On Monday, June 29, 2020 we were notified by a security researcher that one of our Elasticsearch clusters was exposed to the Internet without any authentication. The configuration issue is resolved, but API usage logs may have been exposed.
Attack Surface Analysis: APT “à la carte”
Your company has assets. Those assets are very interesting to somebody. And now, that “somebody” has decided to take them. Congratulations! You’ve just been served to an APT, for lunch.
Top 100+ Best Security Companies in 2020
With organizations connecting their critical business operations and sensitive data to information technology systems, they rely on a number of networks, software, protocols and services. This makes detecting intrusions and threats increasingly challenging, particularly when it’s necessary to determine the essential who, where, how and why before a threat results in an actual cyber attack, disrupting operations and compromising sensitive data.
Covert Channel Discovery: Understanding Network Extrusions
Based on a true series of events: “…I was ready to begin this long-awaited vacation at that awesome paradisical location I’ve been dreaming of for years. Oh no! The moment I stepped out of the room it hit me: I’d completely forgotten to send that incredibly urgent and important email before leaving home. This needs to be fixed right now! But how? Look at me, I’m at this oceanic hotel villa under a palm tree in the middle of nowhere. Internet pricing here is absurd, there’s no way I’ll pay for this… what can I do?”
Cyber Espionage: Cloak-and-Dagger in Cyberspace
Spies and the world of espionage have been around since the beginning of time. Information has always been power; even our predecessors knew it.
Masscan: A Fast and Scalable IP Port Scanner
Researchers require tools to make their investigations not only more effective, but also less mundane. Some tools are designed to automate repetitive tasks and other tools are designed to do things that wouldn’t be practical to do manually.
Phishing Toolkit: Top 20 Best Phishing Tools
Phishing is the most common type of social engineering attack, as well as one of the most frequent attack methods on the Internet in general. It’s a simple concept: creating a fake website that impersonates a legitimate one that the target frequents, and sending them a security notice that urges them to ‘click on the following link’—which then leads them to a fake website, where they’ll be prompted to log in.
What is DNS Intelligence?
We’ve written about the importance of IP addresses before, such as in our article exploring IP intelligence. In that piece we dived into how useful IP data is for the entire internet, as well as the critical role it plays in the cybersecurity industry.
Top 5 Cybersecurity Certifications to Kick Start Your Career
Many students interested in entering the cybersecurity field turn to certifications to improve their knowledge and hands-on skills, make them more competitive in the job market and get their resumes noticed. But there are many certifications out there focused on different roles in the cybersecurity space, and it can be hard to decide which one to choose, and in which order…it’s confusing.