Vulnerability Detection Using Attack Surface Management: Criminal IP ASM Use Case (1)

Attack Surface Management (ASM) is the proactive practice of identifying and managing the potential attack surface of an organization's IT assets to prevent and mitigate potential attacks by hackers. It is essential to minimize the exposure of valuable assets as targets for hackers. However, despite the importance of ASM, many people still fail to grasp how [...]

By |2023-05-24T15:19:10+09:00May 24th, 2023|Tags: |2 Comments

Detect Personal Information Leakage With OSINT Attack Surface Management  

It has recently been confirmed in Korea that personal information, including an identity photo, resident registration number, address, and phone number of an individual who submitted an application form to a public institution four years ago, had been publicly exposed on the internet for the past four years. It has also been confirmed that it was [...]

By |2023-05-10T18:01:38+09:00May 9th, 2023|Tags: , , |0 Comments

Using OSINT Search Engines To Collect Cyber Threat Intelligence

OSINT (Open Source Intelligence), refers to the intelligence information collected and analyzed from publicly available sources. The internet itself is a huge big data platform and a space of collective intelligence. Most of the information on the internet, including media, search engines like Google, blogs, and social media, is publicly available, making it easy to [...]

By |2023-03-24T09:45:59+09:00March 22nd, 2023|1 Comment

Criminal IP, Splunk Integrated FDS App Released

If you are a Criminal IP and Spunk user, here's good news! The Criminal IP and Splunk integrated app that integrates the log analysis platform Splunk dashboard and the Criminal IP FDS (Fraud Detection System) API function has been released. You can now download Criminal IP FDS from Splunkbase and monitor real-time logs of enterprises' fraudulent transactions and abusing users [...]

By |2023-01-05T10:02:18+09:00December 15th, 2022|Tags: |0 Comments

IP Intelligence: How to Handle IP Addresses That Attempt to Bypass Anti-spam Solutions

To stop spam emails, it is common for companies to implement several anti-spam solutions, such as spam filters, in their mail servers. Nevertheless, there are many cases where anti-spam solutions are often bypassed.  In order to bypass the anti-spam system, attackers use official mail services from well-known conglomerates or send malicious emails by skillfully avoiding the [...]

By |2023-02-10T10:16:09+09:00October 11th, 2022|Tags: , |1 Comment

Attack Surface Management: Monitoring Unknown Assets and Vulnerabilities

It is well-known that most companies utilize various network equipment, databases, applications, and domains and that these IT properties often operate under a myriad of IP addresses and ports. Hackers with malicious intent, with this knowledge, begin their methods of infiltration by searching for open ports and targeting servers with severe security vulnerabilities. This has made Attack [...]

By |2023-03-22T12:58:03+09:00August 16th, 2022|Tags: , , |4 Comments

Open Port Vulnerability Detection: the More Open Ports You Have, the More Cyber Threats Exist

Criminal IP (https://www.criminalip.io) collects global IP address data, which includes synthetic CTI intelligence such as connected domains, Whois information, location information, and vulnerability and port information. Port is primarily used in software as a unit to distinguish between network services and processes, and can be distinguished by port numbers from 0 to 65535. In particular, ports 0 [...]

By |2023-03-30T19:02:19+09:00August 4th, 2022|1 Comment

VPN Detection: Finding Unwelcomed Guests on Your Network

One of the most powerful features of Criminal IP API, the VPN Detection API, is used to identify anonymous intruders using VPNs regardless of their intentions. With Criminal IP (https://www.criminalip.io)'s API capability, you can apply our entire data, including but not limited to VPN IP addresses, across corporate and institutional security teams, as well as the cybersecurity industry. [...]

By |2023-03-30T19:14:57+09:00July 20th, 2022|2 Comments

Find Your Company IP

With the acceleration of digital transformation and the growing number of companies extending their businesses to the cloud, many unmonitored external attack surfaces (VPNs, RDPs, SMBs, certificates, mobile devices, etc.) are giving rise to frequent attacks by threat actors. To effectively protect against external attacks, it is essential to precisely identify all IT assets and [...]

By |2023-05-25T10:43:37+09:00March 10th, 2022|Tags: , , , |1 Comment

Detecting Vulnerabilities With Asset Search

Developer organizations heavily depend on various tools to support communication, collaboration, and productivity. As a result, there is a growing trend among many companies to embrace application packaging tools like Docker and Kubernetes. Both companies and developers increasingly prefer Docker containers because they can package applications, configurations, and libraries and distribute them in a unified [...]

Go to Top