SearchLight’s Exposed Document Alerts: Uncover the Critical, Faster
BACKING UP…INTO A DITCH I am a terrible driver. While I’ve sat through Driver’s Ed courses, studied physics and trigonometry, ...
Read Post
2.3 billion files exposed across online file storage technologies
Currently 2.3 billion files are being made publicly available by misconfigured and non-secured technologies used to store this data such as Amazon S3 buckets, Server Message Block (SMB), File Transfer
Read Post
Reducing technical leakage: Detecting software exposure from the outside-in
Modern Development Practices Leads to Increased Exposure As customers, we can be a bit demanding when it comes to technology ...
Read Post
How Digital Shadows Helped Find and Remediate an Exposed Admin Password on Github
In this blog series, we’ll share some tales from the front lines – keeping client names anonymous, of course. We’ll investigate some of SearchLight’s most impactful findings, and more importantly, she
Read Post
How to minimize cybersecurity breaches in 2020
Seriously, don’t click back or close – I promise it’s not another one of those “buy all the newest stuff ...
Read Post
DevSecOps: Continued Database Exposures Point to Growing Challenges
Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...
Read Post
Asset Inventory Management: Difficult But Essential
Asset inventories are one of the most important things to get right. Done correctly, they give you the best insight into your potential attack surface and identify where to focus your efforts.
Read Post
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Read Post
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Read Post
Honeypots: Tracking Attacks Against Misconfigured or Exposed Services
Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...
Read Post
Understanding the Consequences of Data Leakage through History
One of the most interesting aspects of transitioning from high school history teacher to cyber threat intelligence professional is the ...
Read Post