SecurityTrails Blog

RDP: Risks and Prevention Tips for Your Attack Surface
The Remote Desktop Protocol (RDP) belongs to a subset of ITU-T protocol standards purposely designed to provide reliable transport of visual, input, control, and component-sharing data and capabilities from one remote computer system to another.

Action needed: Atlassian Confluence On-Premise RCE Vulnerability - CVE-2022-26134
If you are an administrator of an Atlassian Confluence On-Premise installation, please make sure to update your installation immediately. All current versions of Confluence Server & Data Center are affected.

Attack Surface Intelligence: When the Power Comes from the Data
In the current era of the remote workforce, businesses have struggled to meet customer and stakeholder expectations of evolving cyber threats. While organizations choose the best option to update their internal security posture continuously, they often do very little to monitor external threats on their attack surface.

Preventing Subdomain Takeover Attacks with Attack Surface Intelligence
Next year will mark the 40th anniversary of the creation of the Domain Name System (DNS) by Paul Mockapetris, a pioneer of the IT industry whose forays into early distributed systems and email delivery applications led to the groundbreaking naming exchange that permeates today's internet.

The Role of Cloud Misconfigurations & the Attack Surface in the 2022 Verizon DBIR
This year's 15th installment of the Verizon Data Breach Investigations Report (DBIR) features yet another impressive dataset of corporate breaches and exposures marked by an overriding postulate: attack surfaces matter* and they should dictate a large portion of your risk assessment strategy.

Insights and lessons learned from the recent BIG-IP Application Delivery Services Vulnerability
Every few months, a bug will come along that puts the information security community into a flurry of activity. Working weekends and nights to understand new vulnerability information as it comes to light, applying new patches (sometimes multiple times, as the situation changes), while also keeping apprised of new information hasn’t been uncommon. Throughout these past couple of years, we’ve had bugs as notable as Log4J, ProxyLogon, and more recently, a string of F5 vulnerabilities.

Detecting the Most Dangerous Ports with Attack Surface Intelligence
Software ports are an essential component of any modern application. It's because ports allow applications to communicate that your web browser has connected to a port on our web server, fetched the contents of this blog article, and shared it on your screen for you to read.

Cybersecurity: The Key to Your Divestment Process
Divestitures occur when an organization sells a division or portion of their business and assets to another company. This process can be set in motion for various reasons, including the want of financial gain in difficult times (wherein an organization might sell off their least profitable assets), the desire to free up resources (to increase focus on a primary area of business), and to lower the risk of non-compliance with regulations.

Prepare, Detect, Respond: Reduce Your Risk of Cyber Attack with Attack Surface Intelligence
With the rise in cybersecurity attacks targeting individuals and corporations alike, it's become increasingly important not only to ensure preparedness for cybersecurity attacks but to set up processes for early detection and response as well.

April Product Updates: Improved Risk Rules and Data Quality
Today we're excited to share new product news with you! These include updates to our Attack Surface Intelligence platform, such as the Risk Rules, Explorer module, and data quality.