Security Research Articles

Information security is a rapidly changing, dynamic field with new attacks, breaches, technologies and vulnerabilities sprouting daily. And with such an influx of information, facts can be overlooked. Research and deeper investigation into these topics, however, can help us identify further potential threats while improving situational awareness, attack attribution and even defenses against future attacks.

In the “Research” category, we show you how SecurityTrails tools can help uncover what’s beneath the surface of controversial websites, malware, cybercrime campaigns, data breaches and bugs that make the headlines.

One of our earliest research projects here is a look into how you can track and trace websites that promote violence and other illegal activities (such as The Daily Stormer) through their DNS records. Among our later explorations, you’ll see our looks at malicious domain campaigns in the wake of Hurricane Florence, cryptojacking campaigns, shutting down 8chan and, of course, our Recon Safari series.

Insights and lessons learned from the recent BIG-IP Application Delivery Services Vulnerability
SecurityTrails Blog · May 16 2022 · by German Hoeffner

Every few months, a bug will come along that puts the information security community into a flurry of activity. Working weekends and nights to understand new vulnerability information as it comes to light, applying new patches (sometimes multiple times, as the situation changes) and keeping apprised of new information hasn’t been uncommon. Throughout these past couple of years, we’ve had bugs as notable as Log4j, ProxyLogon, and more recently, a string of F5 vulnerabilities.

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services
SecurityTrails Blog · Aug 24 2021 · by Ken Pyle

Vendors such as Datto, GeoVision, Synology and others leverage and depend on self-registered services for their products. These devices frequently leak critical data or have insecure design, unintentional or even intentional design decisions and application flaws. Through insecure network design and installation practices, they can be easily mapped, discovered and attacked by cyber criminals via insecure vendor, software and integrator practices.