SecurityTrails Blog
How to Improve Your Cyber Insurance Underwriting
Cyber attacks can and do happen, and they happen all the time. There are all kinds of different attacks and threats you can encounter on the Internet, to the extent that we’ve even written about the most common network security threats. This has inevitably led to cyber risk coverage as an important and growing market.
Top 5 talks at DEF CON and Black Hat
This year we saw record-breaking visitor numbers at both DEF CON and Black Hat. Both conferences have been around for over 20 years (DEF CON was founded in 1993 and Black Hat in 1997) and each year they continue to deliver the latest information — and sometimes alarming talks — about the infosec world.
Making the Web a Better Place: Fixing Caddy Web Server Hostname Enumeration Vulnerability (CVE-2018-19148)
TL;DR The web server software Caddy leaked information on which SSL certificates were on each installation through enumeration. We submitted a bug report, built a proof of concept, submitted a CVE and the developer of Caddy Matt Holt fixed it and released Caddy 0.11.1.
SurfaceBrowser: a Passive Intelligence Tool for Exploring the Surface of Any Company
A few weeks ago we launched our new IP, Domain and Company Enrichment Feeds, and today we’re excited to show you one of the most robust information gathering utilities available on the Internet.
An Ode to White Hats: What Is Ethical Hacking?
The first thing that comes to mind when people hear a word “hacker” is some sort of criminal, someone we should be scared of when browsing the Internet. This shouldn’t worry true professionals, the “white hats”, as the number of people who understand the importance of their role in Internet safety just keeps growing. But the question remains: What is an ethical hacker?