SecurityTrails Blog
Cyber Crime Investigation Tools and Techniques Explained
Investigating a crime scene is not an easy job. It requires years of study to learn how to deal with hard cases, and most importantly, get those cases resolved. This applies not only to real-world crime scenes, but also to those in the digital world.
Top 10 Hacker Movies of all Time
Hollywood has a knack for influencing public opinion on many different topics. It’s been doing just that for over a century, and hackers have been no exception.
Social Engineering: What Is It? Types of Social Engineering Attacks and How to Protect Yourself from Them
With human error being the top cause of data breaches¹ in all kinds of organizations, it isn’t surprising that a type of cyber attack that exploits human psychology would be one of the most common threats to enterprise security we see.
Domain Security & Solutions, Part 4: How to Protect your Account at your Registrar
Not all entrepreneurs and developers are truly aware of the implications of losing a domain name. That’s why keeping it secure has to be one of your top priorities when running a company or business with an online presence.
Exploring Google Hacking Techniques
Some time ago we wrote an interesting post about the OSINT concept and its importance in the security researching world, showing how easy it is to get information from publicly available sources on the Internet. Last week one of our developers shared an interesting link he found — one that was exposing many supposedly “private” resources from different websites.
Domain Theft: How to Avoid Buying Stolen Domain Names and Protect Your Own Domains
Previously we shared some interesting tips about domain hijacking, where we discussed a few concepts, information and tips to prevent this kind of malicious activity against your domain names. Domain stealing, also known as domain theft, is a common criminal activity on the Internet. It consists in transferring your domain name illegally to another registrar, without you knowing about it.
Making the Web a Better Place: Fixing Caddy Web Server Hostname Enumeration Vulnerability (CVE-2018-19148)
TL;DR The web server software Caddy leaked information on which SSL certificates were on each installation through enumeration. We submitted a bug report, built a proof of concept, submitted a CVE and the developer of Caddy Matt Holt fixed it and released Caddy 0.11.1.
Top 10 Common Network Security Threats Explained
The old childhood warning “Stranger danger!” has withstood the test of time even in our modern, developed world. Now that most of our daily procedures and activities are automatized and available for use on the Internet, we need to take the same level of precaution we did as children, crossing to the other side of the street whenever we saw a suspicious stranger. This precaution is needed even more after seeing some critical statistics surface, claiming that nearly one-third of the world’s computers are infected with some type of malware.
Is WordPress Secure?
WordPress is one of the most high-profile open source CMS's in use today. Being that 60% of all CMS websites use Wordpress, and 31% of all websites on the Internet use it, it's safe to say that it's a frequent target of security exploits.
Top 15 Ethical Hacking Tools Used by Infosec Professionals
Automated tools now rule the Internet; you can find a few to make your social networks grow, others to answer emails automatically, and even bots to help your online customers. Of course, hacking has evolved too: nowadays you can find a lot of automated OSINT Tools that can help anyone with security research and intel reconnaissance in a way that just wasn’t possible twenty years ago.