Hacking

detectify

Ethical hacker shares top tips to protect your attack surface

The underrated threat of domain takeover and hacking a firm’s internal and external attack surface can enable malicious actors to circumvent many advanced website protection mechanisms. However, Detectify Crowdsource hacker Jasmin Landry says that deploying an external attack surface management (EASM) system can help beef up your security before a malicious hacker wreaks havoc on your company. A common aphorism in cybersecurity is that there’s no such thing as perfect security.

reciprocity

How Hackers Exploit Passive and Active Attack Vectors

Learn about the methods cybercriminals use to exploit passive and active attack vectors so you can better protect your business or organization from cyberattacks. Cybercriminals will use any means they can to penetrate your corporate IT assets and exploit any vulnerabilities they find. Your ability to predict and prepare for these incidents could mean the difference between preventing a data breach and recovering from one.

detectify

Meet a Hacker Hero - Eva Galperin

When we asked the security community who is their hacker hero, it was unsurprising to see that Eva Galperin, Director of Cybersecurity at EFF and co-founder of the Coalition Against Stalkerware was a finalist on the list. Galperin is a hacktivist known for her rage tweets that help her fight the good fight to protect vulnerable groups being targeted. Most known for her work to track down APTs, she also champions personal privacy and taking down stalkerware. Oh and she’s done a TED talk.

ekran

Opportunistic Attackers: Who Are They and How Can You Deter Them?

When presented with an opportunity, people who never even planned to attack your organization may turn into a severe cybersecurity threat. Forget to block a dismissed employee from accessing your system and they may steal or alter your critical data. Grant a third-party contractor excessive access to your infrastructure and they may cause a serious data breach. That’s why it’s crucial to make sure you don’t give insiders an opportunity to turn malicious.

detectify

How ethical hacker Frans Rosén deleted your Apple Shortcuts via CloudKit

SHORT SUMMARY: STOCKHOLM, SWEDEN – In February 2021, Detectify co-founder and Crowdsource hacker Frans Rosén was looking for security bugs in Apple services. Noticing that many of Apple’s own apps store their data in public databases on Apple’s data storage framework CloudKit, Frans was curious to know if any specific apps’ data could be modified with access to the public CloudKit containers in which their data was stored. Long story short, they could.

alienvault

Hackers leverage RF to compromise smart TV remotes

This year’s RSA Conference was certainly a surprising one. There was an understandable focus, of course, on remote working security, alongside a relatively high number of presentations dealing with the issues of the moment – Kubernetes, the IoT, and the Biden administration’s plans for cybersecurity. In the midst of these headline presentations, it was easy to miss some of the less dramatic research, and even easier to miss its implications.

Egress

Hit by hackers? You're now a target for more attacks

After being hit by a ransomware or phishing attack, it might be tempting for businesses to think the damage has been done and they can now focus on rebuilding. This is rarely the case. Research shows that 80% of organisations targeted by ransomware end up suffering another attack – and 46% are targeted by the same cybercriminals that hit them in the first place.