Security Research Articles

Information security is a rapidly changing, dynamic field with new attacks, breaches, technologies and vulnerabilities sprouting daily. And with such an influx of information, facts can be overlooked. Research and deeper investigation into these topics, however, can help us identify further potential threats while improving situational awareness, attack attribution and even defenses against future attacks.

In the “Research” category, we show you how SecurityTrails tools can help uncover what’s beneath the surface of controversial websites, malware, cybercrime campaigns, data breaches and bugs that make the headlines.

One of our earliest research projects here is a look into how you can track and trace websites who promote violence and other illegal activities (such as The Daily Stormer) through their DNS records. Among our later explorations, you’ll see our looks at malicious domain campaigns in the wake of hurricane Florence, cryptojacking campaigns, shutting down 8chan and, of course, our Recon Safari series.

Insights and lessons learned from the recent BIG-IP Application Delivery Services Vulnerability.
SecurityTrails Blog · May 16 · by German Hoeffner

Insights and lessons learned from the recent BIG-IP Application Delivery Services Vulnerability

Every few months, a bug will come along that puts the information security community into a flurry of activity. Working weekends and nights to understand new vulnerability information as it comes to light, applying new patches (sometimes multiple times, as the situation changes), while also keeping apprised of new information hasn’t been uncommon. Throughout these past couple of years, we’ve had bugs as notable as Log4J, ProxyLogon, and more recently, a string of F5 vulnerabilities.

Critical Log4j Vulnerability Threatens Major Internet Players.
SecurityTrails Blog · Dec 10 2021 · by German Hoeffner

Critical Log4j Vulnerability Threatens Major Internet Players

The SecurityTrails research team is tracking a critical RCE vulnerability in Apache Log4j which affects many major internet-facing services. Log4j is a Java logging package that’s used in many popular services and utilities. With a CVSS score of 10, this vulnerability (CVE-2021-44228) impacts Apache Log4j versions 2.0-beta9 to 2.14.1 according to Apache.

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services.
SecurityTrails Blog · Aug 24 2021 · by Ken Pyle

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services

Vendors such as Datto, GeoVision, Synology and others leverage and depend on self-registered services for their products. These devices frequently leak critical data or have insecure design, unintentional or even intentional design decisions and application flaws. Through insecure network design and installation practices, they can be easily mapped, discovered and attacked by cyber criminals via insecure vendor, software and integrator practices.

Recon Safari #4: Domains Riding the Robinhood Wave.
SecurityTrails Blog · Feb 23 2021 · by SecurityTrails team

Recon Safari #4: Domains Riding the Robinhood Wave

During the past couple of weeks, the popular free financial trading app Robinhood made headlines for halting purchases of certain stocks. This has resulted in a lot of bad publicity for the company. And because threat actors enjoy exploiting trending news topics to their advantage, we decided to look at newly registered Robinhood domains to see how they’re being used.

Iran, the IRGC and Fake News Websites.
SecurityTrails Blog · Dec 17 2020 · by SecurityTrails Team

Iran, the IRGC and Fake News Websites

Recently, the Department of Justice made two public announcements about shutting down fake news websites created by Iran’s Islamic Revolutionary Guard Corps (IRGC). In the first instance, 92 domains were seized in August 2020. And according to the second announcement, 27 more domains were seized as part of the same effort to spread global disinformation.

  • 1
  • 2
X