Attack Surface Management (ASM) is the proactive practice of identifying and managing the potential attack surface of an organization's IT assets to prevent and mitigate potential attacks by hackers. It is essential to minimize the exposure of valuable assets as targets for hackers. However, despite the importance of ASM, many people still fail to grasp how [...]
It has recently been confirmed in Korea that personal information, including an identity photo, resident registration number, address, and phone number of an individual who submitted an application form to a public institution four years ago, had been publicly exposed on the internet for the past four years. It has also been confirmed that it was [...]
OSINT (Open Source Intelligence), refers to the intelligence information collected and analyzed from publicly available sources. The internet itself is a huge big data platform and a space of collective intelligence. Most of the information on the internet, including media, search engines like Google, blogs, and social media, is publicly available, making it easy to [...]
If you are a Criminal IP and Spunk user, here's good news! The Criminal IP and Splunk integrated app that integrates the log analysis platform Splunk dashboard and the Criminal IP FDS (Fraud Detection System) API function has been released. You can now download Criminal IP FDS from Splunkbase and monitor real-time logs of enterprises' fraudulent transactions and abusing users [...]
To stop spam emails, it is common for companies to implement several anti-spam solutions, such as spam filters, in their mail servers. Nevertheless, there are many cases where anti-spam solutions are often bypassed. In order to bypass the anti-spam system, attackers use official mail services from well-known conglomerates or send malicious emails by skillfully avoiding the [...]
It is well-known that most companies utilize various network equipment, databases, applications, and domains and that these IT properties often operate under a myriad of IP addresses and ports. Hackers with malicious intent, with this knowledge, begin their methods of infiltration by searching for open ports and targeting servers with severe security vulnerabilities. This has made Attack [...]
Criminal IP (https://www.criminalip.io) collects global IP address data, which includes synthetic CTI intelligence such as connected domains, Whois information, location information, and vulnerability and port information. Port is primarily used in software as a unit to distinguish between network services and processes, and can be distinguished by port numbers from 0 to 65535. In particular, ports 0 [...]
One of the most powerful features of Criminal IP API, the VPN Detection API, is used to identify anonymous intruders using VPNs regardless of their intentions. With Criminal IP (https://www.criminalip.io)'s API capability, you can apply our entire data, including but not limited to VPN IP addresses, across corporate and institutional security teams, as well as the cybersecurity industry. [...]
With the acceleration of digital transformation and the growing number of companies extending their businesses to the cloud, many unmonitored external attack surfaces (VPNs, RDPs, SMBs, certificates, mobile devices, etc.) are giving rise to frequent attacks by threat actors. To effectively protect against external attacks, it is essential to precisely identify all IT assets and [...]
Developer organizations heavily depend on various tools to support communication, collaboration, and productivity. As a result, there is a growing trend among many companies to embrace application packaging tools like Docker and Kubernetes. Both companies and developers increasingly prefer Docker containers because they can package applications, configurations, and libraries and distribute them in a unified [...]
