SecurityTrails Blog
Cyber Security Culture: Why It Matters for Your Business
As much as technology has grown with cloud computing, IoT devices and new software applications, organizations have in turn created a larger attack surface that opens the door for more potential cyber attacks.
DNS Hijacking: How to Identify and Protect Against It
A cyber threat thought by many to be a thing of the past has seen its resurrection over the past couple of months. Earlier in the year, we saw reports about widespread DNS hijacking campaigns targeting the Middle East and North Africa with a few in Europe and the US. That was followed by information about DNS hijacking attacks targeting home routers and phishing websites that imitate Netflix, PayPal, Uber, Gmail and more.
Find Vulnerabilities Before They Become Yours: Cybersecurity with Mergers and Acquisitions
All digital assets, including network systems, data and the way it’s stored and protected, are the foundation of any successful business. That’s why they can pose a significant business risk. The dependence of modern businesses on their digital records raises their potential vulnerability to security breaches.
Top GitHub Dorks and Tools Used to Scan GitHub Repositories for Sensitive Data
For years, using Github as your main repository for application development version control has been the industry standard. Even in the presence of many competitors, Github still stands as the number one option. Millions of developers push code changes to GitHub several times in a single day, and those changes can be overwhelming when you’re working simultaneously with distributed dev teams ‘round the clock. Troubles arise when developers accidentally include password credentials, usernames or cloud-based keys in their public and private repos.
Is SSL really a sign of security?
Over the past few years, we’ve seen SSL/TLS growth like never before. And that’s due, in part, to a series of events boosted by companies like Google with their famous announcement of HTTPS as a ranking signal, Mozilla, Cisco, Akamai, other big players with the Let’s Encrypt project, cPanel’s free AutoSSL features released to the web hosting industry, and many others making strides toward a better, safer internet.
WHOIS History: The Importance of WHOIS Records in the Infosec Industry
Domain names are collectively one of the most essential components of the Internet. Without them we wouldn’t be able to send an email, connect to social networks and of course, browse any web pages available on the net.
lnkr: The New Malicious Browser Extensions Campaign Spreading Across the Net
In 1995, Netscape, with its classic NPAPI technology, became the first browser to support extensions. Internet Explorer, Firefox, Chrome, and Opera did the same a few years later, between 1999 and 2009.
Analyzing SSL Certificates with SurfaceBrowser
SSL certificates have been in use for decades, but in recent years we’ve seen a tremendous boost in SSL orders from all the major providers. Nowadays, SSL certificates play a critical role in the cybersecurity industry.
Domain Theft: How to Avoid Buying Stolen Domain Names and Protect Your Own Domains
Previously we shared some interesting tips about domain hijacking, where we discussed a few concepts, information and tips to prevent this kind of malicious activity against your domain names. Domain stealing, also known as domain theft, is a common criminal activity on the Internet. It consists in transferring your domain name illegally to another registrar, without you knowing about it.
OpSec: A Vital Part of Any Cybersecurity Program
We all have something to hide. Even though humans are social beings, there are some things we want to keep to ourselves, and it’s been like that since the beginning of humankind.