What are API Subdomains? Subdomains of a website or web application that are reserved especially for hosting APIs (Application Programming Interfaces) are known as API subdomains. These subdomains are used to provide access to various functionalities and data through standardized interfaces, allowing developers to interact with the system programmatically. A Simple Example Suppose you have… Read More »Exploring API Subdomains
Google Dorking, also known as Google hacking, is a technique where advanced search operators are used to find specific information on search engines. It involves crafting search queries to discover vulnerable or exposed data on the internet. Attack surface management involves identifying and securing all possible entry points into an organization’s systems and networks. It… Read More »Google Dorking for Continuous Attack Surface Management
During the week of December 25 to 29, FireCompass research team identified a huge number of CVEs that are high in severity and ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are of popular commercial products used by variants of industries and somenew & well known malwares targeting industries for this… Read More »Critical CVEs And Active Threats: IBM Aspera Console, Barracuda Networks Inc and More
During this week from December 11 to 15, the FireCompass research team uncovered a substantial number of Common Vulnerabilities and Exposures (CVEs) marked as high severity. Notably, ransomware, botnets, and various threat actors were causing significant disruptions. Among the identified CVEs were vulnerabilities found in widely-used commercial products across various industries. Additionally, new and familiar… Read More »Critical CVEs and Active Threats: CloudPanel, Apache Log4j, NetgatePFsense, Palo Alto & More
What is API Discovery? API discovery plays an important role while mapping the attack surface for a company during a security assessment or any kind of engagement. The discovery allows an organization to map its all API’s and can check which person has what permissions on the API. The Importance Of API Discovery API discovery… Read More »Importance of API Discovery in Attack Surface Management