Tag: penetration testing
Email Headers An excellent source of internal configuration information can be gleaned from email headers. Attackers can simply fire off a few email inquiries to folks at an organization and see what they can find. Here’s a typical email header using our example company, Boring Aeroplanes, from our phishing example. Note both internal and…
Read MoreData from the Retail Cyber Intelligence Sharing Center (R-CISC) echoes the F5 SOC findings and shows that dramatic increases in shopping activity actually continue into January, making retailers a likely target of attackers.1 In a 2018 survey of R-CISC members, respondents expressed their concern, identifying phishing, credential compromise, and account takeover (ATO) among their top…
Read MoreTo both understand and keep pace with evolving cybercriminal mindsets, many businesses are fighting fire with fire – in other words hiring hackers for help. In fact, large corporations such as Airbnb, PayPal and Spotify, recently revealed that they have willingly spent over £38M on ethical hackers to tighten their cyber defences and avoid crippling…
Read MoreWe’re finishing up our series on what to do when your organization tells you they want to roll out a mobile app. In part one, we asked lots of questions so we could do a thorough risk and requirements analysis. In part two, we used that information to define security requirements and ensure that we…
Read More