SecurityTrails Blog
Data Intelligence: What is it and why is it so important?
The process of digital transformation has brought us many new developments, and more businesses are becoming data-driven as they are not only able to monetize that data directly, but can also utilize it for future decision-making.
Cybersecurity Red Team Versus Blue Team — Main Differences Explained
When discussing cybersecurity, the terms “Red team” and “Blue team” are often mentioned. Long associated with the military, these terms are used to describe teams that use their skills to imitate the attack techniques that “enemies” might use, and other teams that use their skills to defend. In cybersecurity, there isn’t much difference.
Top 25 Kali Linux Penetration Testing Tools
Kali Linux is an open source distribution based on Debian focused on providing penetration testing and security auditing tools. Actively developed by Offensive Security, it’s one of the most popular security distributions in use by infosec companies and ethical hackers.
DNS Forensic Analysis Using Domain History API and DNS History API
DNS allows IP addresses’ numbers to be converted into human-readable domain names, letting us browse the internet or send emails without knowing what’s behind the scenes. Domain names are easy to use on any online service, and they work pretty well for all kind of web-based products.
Top 5 Ways to Handle a Data Breach
With data breaches occurring regularly, people have become desensitized to them. This isn’t good, since the protection of data has never been more important. Not only are business required to announce that a data breach has occured, they are also obligated to pay fines due to regulations in accordance with GDPR.
The Most Popular Types of DNS Attacks
Ever since its creation, DNS has been known as one of the most critical internet services in existence. It’s the key component that allows your computer to show you content, right before your eyes. Email services, chat services and even social networks rely on DNS to work 24 hours a day, 7 days a week resolving IP addresses into hostnames.
How to Improve Your Cyber Insurance Underwriting
Cyber attacks can and do happen, and they happen all the time. There are all kinds of different attacks and threats you can encounter on the Internet, to the extent that we’ve even written about the most common network security threats. This has inevitably led to cyber risk coverage as an important and growing market.
Top 5 talks at DEF CON and Black Hat
This year we saw record-breaking visitor numbers at both DEF CON and Black Hat. Both conferences have been around for over 20 years (DEF CON was founded in 1993 and Black Hat in 1997) and each year they continue to deliver the latest information — and sometimes alarming talks — about the infosec world.
Making the Web a Better Place: Fixing Caddy Web Server Hostname Enumeration Vulnerability (CVE-2018-19148)
TL;DR The web server software Caddy leaked information on which SSL certificates were on each installation through enumeration. We submitted a bug report, built a proof of concept, submitted a CVE and the developer of Caddy Matt Holt fixed it and released Caddy 0.11.1.
SurfaceBrowser: a Passive Intelligence Tool for Exploring the Surface of Any Company
A few weeks ago we launched our new IP, Domain and Company Enrichment Feeds, and today we’re excited to show you one of the most robust information gathering utilities available on the Internet.