Vulnerability Archive
Malicious JavaScripts

Malicious JavaScripts: How Can You Get Hacked?

Malicious JavaScripts: How Can You Get Hacked? Detecting the vulnerabilities and leaking are of the essence in hacking. That’s why maintaining cyber security is quite crucial for individuals and corporations. In 2017, even a big firm like Yahoo was hacked by a simple phishing e-mail. Equifast -one of the largest credit bureaus- was hacked through […]
Malicious Javascript hack Code

How Companies Are Hacked via Malicious Javascript Hack Code?

Malicious Javascript Hack Code; JavaScript is dangerous. Maybe you’ve heard this sentence several times before. Actually, being dangerous or not dangerous is true under different circumstances. JavaScript can be dangerous if the proper precautions aren’t taken. It can be used to view or steal personal data even you don’t realize what’s going on. And since […]
Domain Shadowing

Domain Shadowing

What is Domain Shadowing? The concept of domain shadowing has first appeared in 2011, and domain shadowing attack is defined as the creating new subdomains to intervene in traffic flow by attackers. Domain shadowing is the process of creating subdomains by domain owners using credentials. Subdomains are created for legitimate domains. For cyber criminals, domain […]
cms vulnerability

How Companies are Hacked via Basic CMS Vulnerabilities

CMS Vulnerabilities; What is CMS? CMS (Content Management Systems) is a computer application that supports the creation and modification of digital content [1]. Basically, we use it for website management and preparation. Over time, many organizations have developed their own custom CMS software. With the increase of these software, in 1995, CNET developed the idea […]
cms vulnerability

Smart Solution, Smart Aggregation

Smart Solution, Smart Aggregation; Think of the vast amount patch related of vulnerabilities you get after an automatic scan; for example insecure Apache httpd version. Frequently, these issues can be grouped since they are related to Apache httpd and instead of using different names one can show all these vulnerabilities using a single name. This […]
Ecosystem Cyber Risk Manager

Passive Vulnerability Scan & Early Notice for Non Remotely Scannables

Passive Vulnerability Scan; Vulnerabilities such as MS15-034 are big deal for information security specialists who have to keep up with the critical security patches on high pressure business environments. In one hand they know that the cat is out of bag and they have to find out their vulnerable servers, however, on the other hand […]

Steep Increase in Discovered Vulnerabilities in 2014

Vulnerabilities in 2014; According to the Secunia, a total of 15,435 vulnerabilities were discovered in 3,870 products during 2014. This is a 55% increase compared to the previous 5 year long discovered vulnerability trend. Another important piece of information is that of those 15,435 vulnerabilities 60% of them are triggered remotely. Yet another proof that […]
Rapid Cyber Risk Scorecard

Express Yourself by Comparing Vulnerabilities

Express Yourself by Comparing Vulnerabilities; Penetration tests result in reports, that’s the usual output. But when having more than one penetration tests, it’s not that frequent to have a report comparing vulnerabilities found previously/after. In NormShied you can easily produce comparison reports aiming exactly this in seconds. The idea is to see newly found vulnerabilities […]
NormShield Threat Vulnerability Orchestration

Vulnerability One Stop Shop

Vulnerability; What would you expect to see when confronted with a vulnerability in a vulnerability management service? The answers vary of course. However, there are fundamental data and knowledge that shouldn’t be missed when representing a vulnerability; Vulnerability The vulnerability name Generic knowledge defining the vulnerability category in detail The severity of the vulnerability The […]
panoramic asset

360 Degree Panoramic Asset View

Panoramic Asset; NormShield has a panoramic view of your company’s assets including every detail you need. This panoramic view, complementing the list view, includes; alarms, vulnerabilities, services, possible SSL protocol weaknesses, Domain/SSL certificate problems, DNS and other details. Panoramic Asset You can also have an instant risk understanding of the asset by viewing the NormShield […]