Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios
Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.
-
-
Cybersecurity: It’s how to say “Yes.”
Contrary to common misconceptions, cybersecurity acts as a powerful enabler in the digital age, fostering innovation, driving business growth, and empowering organizations to harness technology’s full potential. By building trust, accelerating innovation, enabling emerging technologies, enhancing efficiency, ensuring compliance, supporting remote work, and protecting intellectual property, robust cybersecurity measures create a secure foundation for organizations to thrive and innovate in an increasingly interconnected world.
-
Accepting Penetration Test Risks & How Compensating Controls Can Help
Tim Semchenko discusses documenting acceptance of risks and implementing compensating controls as options when pentest findings cannot be fixed immediately.
-
Cool Tools Series: NMAP for Penetration Tests
Raxis’ lead developer, Adam Fernandez, adds to our Cool Tools Series with a focus on Nmap: discovering live hosts that appear to be down and useful NSE scripts.
-
Cyber Civil Defense: We Can All Fight the Russians
If you’re outraged over the invasion of Ukraine, there are some things you can do that will actually help make it harder for the Russian government to expand its hostilities.
-
Chained Attacks and How a Scan Can Leave You Vulnerable
Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely on them exclusively.
-
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags
How can cookies be used against you? And how do you keep that from happening? Raxis’ Matt Dunn explains.
-
Hurricane Ida: Limiting the Damage
Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read his tips for avoiding hackers and scams that can be as costly as a natural disaster.
-
Don’t Take the Smishbait
Unwanted text messages are annoying, but some also hide malicious links. Here are some ways to avoid being “smished.”
-
12 New Cyber Terms the World Needs Now
The cybersecurity profession has its own lingo. As experts in the field, the Raxis team felt compelled to add a few we thought were missing.
-
Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective
Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks.
-
Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here.
