Blog - RedHunt Labs

Attack Surface Management – Risks of an Exposed Docker Image

November 22, 2022

By default, every image pushed to the Docker Hub through your free account appears in the public registry by default. This business strategy of Docker Inc. to engage more people into purchasing their paid subscriptions puts the free users at risk. Once an attacker finds exposed docker images related to your organisation, there is plenty of information which can be used by the attacker to cause damage to the organisation’s security posture.

Analysing Misconfigured Firebase Apps: A Tale of Unearthing Data Breaches (Wave 10)

November 17, 2022

Introduction In the last few years, Data breaches have been

Attack Surface Management – Risks of an Exposed Service / Port

November 15, 2022

Open ports help applications serve their purpose correctly. However, certain services running on ports exposed to the internet may pose security risks.

In this blog, we will cover the risks of an Exposed Service / Port and how it can overall impact the overall Attack Surface of your organization.

OpenSSL v3: Two High-Priority Patches and A Week of Horror

November 5, 2022

A technical analysis of the two newly released high severity vulnerabilities in OpenSSL, dubbed CVE-2022-3786 and CVE-3602.

Thousands of Unsecured Kubernetes Clusters Exposed on the Internet — Wave 9

October 18, 2022

Wave 9 of Project Resonance was conducted to determine the security posture of the exposed Kubernetes clusters around the internet. Over 500,000 unsecured Kubernetes instances were discovered during the course of the research.

Attack Surface Management – Risks of an Exposed Docker Image

November 22, 2022 No Comments

Project Resonance

Analysing Misconfigured Firebase Apps: A Tale of Unearthing Data Breaches (Wave 10)

Introduction In the last few years, Data breaches have been on the rise. Apart from the web servers, mobile applications and other assets that are generally targeted, a popular mobile

November 17, 2022 No Comments

Technology

Attack Surface Management – Risks of an Exposed Service / Port

Open ports help applications serve their purpose correctly. However, certain services running on ports exposed to the internet may pose security risks.

In this blog, we will cover the risks of an Exposed Service / Port and how it can overall impact the overall Attack Surface of your organization.

November 15, 2022 No Comments

Security Best Practices

OpenSSL v3: Two High-Priority Patches and A Week of Horror

A technical analysis of the two newly released high severity vulnerabilities in OpenSSL, dubbed CVE-2022-3786 and CVE-3602.

November 5, 2022 No Comments

Project Resonance

Thousands of Unsecured Kubernetes Clusters Exposed on the Internet — Wave 9

October 18, 2022 No Comments

Project Resonance

The Current State of Security, Privacy and Attack Surface on Android: Scanning Apps for Secrets and More – Wave 8

Our research shows that secret leakage is still an issue developers must be addressed with secure development practices. We recommend that developers ensure that any cloud computing solutions they integrate into their apps are correctly configured to avoid the leakage of sensitive information and prevent threats for both the organization and end-users. We recommend that end-users pay attention to what permissions their favourite apps require for everyday usage and check if they are even needed to combat predatory practices.

September 7, 2022 No Comments