Cybersecurity Tips

Blog Archive Tag

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines
Cybersecurity Tips
  • Clickjacking causes user to unknowingly purchase tickets

    Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective

     By Adam Fernandez Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks. May 28, 2021
  • Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

    Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

     By Raxis Research Team Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here. May 20, 2021
  • LDAP Passback
    ,

    LDAP Passback and Why We Harp on Passwords

     By Raxis Research Team LDAP passback exploits are easy when companies fail to change default passwords on network devices or fail to assign a password at all. If you connect it, you must protect it. April 30, 2021
  • .be .wa .re .sc .am .me .rs

    A High-Tech Take on an Old-Time Scam

     By Brian Tant Don’t fall prey to scammers trying to convince you that your domain name is about to be stolen by an overseas company. April 23, 2021
  • SonicWall
    ,

    SonicWall Patches Three Zero-Day Vulnerabilities

     By Raxis Research Team Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited. April 21, 2021