Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere.
Cyber criminal groups are specialising as malware developers, initial access brokers, ransomware-as-a-service providers, data brokers, and other roles.
SCA tools give insight into open source software components and the vulnerabilities they have.
SSRF attacks consist of an attacker tricking the server into making an unauthorised request. Defending against them can be relatively easy.
Java provides a means to conveniently serialise data to maintain its integrity as it's sent over a network.
From trusted pentesting tools to LOLBINs, attackers abuse trusted platforms and protocols to evade security controls.
The rise of professional criminal gangs, malware-as-a-service, and improved infrastructure for carrying out criminal activity are changing the dark web.