Security Strategy

Cybersecurity Benchmarking is a well-established practice among successful organizations, but the areas these organizations choose to benchmark have not always evolved with changing business concerns. The number of Cybersecurity threats across all industries around the world is increasing tremendously. Today’s organizations predominantly struggle with the protection of their aforementioned critical… Read More »Top 5 Recommendation for Cybersecurity Benchmarking

Domain hijacking is the act of changing the domain name registration without the original Registrant’s permission, or by abuse of privileges on domain hosting and registrar software systems. It is a form of theft that takes place online, where the thief/attacker takes access of a domain without the consent of… Read More »Domain Hijacking & 3 Easy Countermeasures

Credential stuffing is a method that hackers use to infiltrate a company’s system by automated injection of breached username & password pairs. Attackers use credentials to bypass anti-spam and firewall devices and access users accounts. Once they were inside the company network, they can send phishing emails or compromise company… Read More »Credential Stuffing: 8.7 Identity-Record Data Are On Surface, Deep & Dark Web

Subdomain Takeover is a type of risk which exists when a DNS entry (subdomain) of an organization points to an External Service (ex. Heroku, Github, Bitbucket, Desk, Squarespace, Shopify, etc) but the service is no longer utilized (deleted or migrated). We have complied a list of Top Open Source Tools to detect… Read More »Top Open Source Tools to detect Subdomain takeover risk

Subdomain Takeover is a type of vulnerability which appears when a DNS entry (subdomain) of an organization points to an External Service (ex. Heroku, Github, Bitbucket, Desk, Squarespace, Shopify, etc) but the service is no longer utilized or has been migrated/deleted. In this blog, we will be dissecting Uber Subdomain takeover vulnerability… Read More »Analysing/Dissecting Uber Subdomain Takeover Attack – FireCompass