Preventing Domain Hijacking – 10 Steps to Increase your Domain Security
OS Server daemons (also known as services), as well as applications, always require security hardening to prevent remote attacks. Previously we posted two great articles about server hardening: How to prevent DNS Attacks and another one dedicated to increasing your SSH Server Security. However, your entire online business can suffer if you neglect another key part of every Internet business: your domain name.
Why does web software get hacked?
Innumerable amounts of technologies, applications and protocols have emerged since the beginning of the Internet. Inevitably, many of them have been left behind – no longer supported and completely forgotten. But many remain valid, even since the early days, and are here to last. We’re talking about websites.
What is a DNS Leak? How can I prevent it?
At SecurityTrails we analyze DNS servers, along with their records, domains and IP addresses, to bring you the ultimate cybersecurity treasure trove for identifying and preventing infosec issues on your company’s websites and apps. Some time ago, we published a great guide on how to prevent DNS server attacks, and today we’re moving one step forward: to explore how to prevent DNS leaks, which became a pretty popular topic with the end of the net neutrality months ago.
Malicious domains registered in the wake of Hurricane Florence
Hurricane Florence is hitting North and South Carolina, and despite reports of over 20 human lives lost as victims of this horrific reality, we are sadly aware of scammers attempting to exploit the fear and kindness of good people who wish to help and donate to the victims and organizations.
How web software gets hacked — a history of its biggest exploits, and what may be coming in the future
When the Internet was created in the 1960s, it was envisioned as a revolutionary computer network reserved for a couple thousand researchers. There were many resources used in creating this fast and reliable network, and the security measures its developers took into consideration were mostly aimed towards preventing military threats and potential high-power intruders.
Top CVE's exploited in the wild
In previous posts, we’ve explored ways to avoid security issues by hardening DNS servers, and also by following best SSH Security practices. However, today we are not going to show you how to protect against attacks. Instead, we will show you the top 10 most dangerous vulnerabilities exploited in the wild during the current year.
What is OSINT? How can I make use of it?
In the past months, we have reviewed a couple interesting OSINT utilities. In fact, a few weeks ago, we also published the Top 20 OSINT Tools as a great resource for everyone starting an information security investigation. But one thing is missing for all those who have just been introduced to the fascinating world of cybersecurity: the key concept of OSINT.
How to use name server records to locate malicious domains en masse
Malicious domains often come in the form of phishing sites looking to steal usernames, passwords, and other sensitive information by impersonating a well-known brand. Mitigating phishing threats requires constant attention by information security teams. In this post we’ll demonstrate the value of DNS records, specifically name server (NS) records to locate phishing and other malicious sites en masse.