Nowadays, securing and managing a company’s digital footprint has become an even more difficult challenge. With so many subdomains, code repositories, and applications, some untracked assets are bound to be overlooked. As the attack surface expands, visibility of the complete landscape is essential to keep an organization’s assets safe.
At RedHunt Labs, (under Project Resonance), we frequently conduct internet-wide research in different shapes and formats to understand the state of security across the internet. In this iteration, we conducted a study about the current state of DNS configurations (SPF, DKIM and DMARC records) from a security perspective. We scanned more than 2.2 billion domains but before we discuss the insights, let’s quickly go over the basics.
Studies reveal that a data leak can seriously damage a company’s image and brand value. It can harm the goodwill of a brand and cause a loss of client trust.
As per the Risk Based Security research report, in 2019, over 5000 breaches were reported, exposing 7.9 billion records. A data breach is not just a matter of privacy concern; it concerns all the stakeholders interested in protecting the brand’s name.
What is Log4j Vulnerability? Apache Log4j is an open source
Docker is a popular tool that has become synonymous with containers. Docker can build images and run containers. The tool also allows its users to upload their docker images to Docker Hub – the container image registry from Docker Inc. that helps share images. Docker Hub allows free public repositories for images.
During this research, we found more than 1.6 million unique user accounts on Docker Hub. There are more than 6.3 million public repositories at the time of writing this blog.
Studies reveal that a data leak can seriously damage a company’s image and brand value. It can harm the goodwill of a brand and cause a loss of client trust.
As per the Risk Based Security research report, in 2019, over 5000 breaches were reported, exposing 7.9 billion records. A data breach is not just a matter of privacy concern; it concerns all the stakeholders interested in protecting the brand’s name.
What is Log4j Vulnerability? Apache Log4j is an open source logging framework that allows software developers to log various data within their application. This data can also include user input.
Docker is a popular tool that has become synonymous with containers. Docker can build images and run containers. The tool also allows its users to upload their docker images to Docker Hub – the container image registry from Docker Inc. that helps share images. Docker Hub allows free public repositories for images.
During this research, we found more than 1.6 million unique user accounts on Docker Hub. There are more than 6.3 million public repositories at the time of writing this blog.
Domain Takeover occurs when the organization did not renew its domain but still use it in their code and infrastructure. When the attacker registers the abandoned domain, they own the domain, including its subdomains and other types of DNS records.
We have been listening to your feedback and we are excited to announce that our Attack Surface Management (ASM) Platform, NVADR, now supports SSO (Single Sign On) and MFA (Multi Factor Authentication). This capability has been turned on for all the users and we support SSO for Google Suite, Microsoft Office 365, and LinkedIn for simple and secure identity management via Auth0.
Today marks an exciting new day for RedHunt Labs. We are officially launching a new brand identity for the company, positioning us more accurately as the team we’ve evolved and grown to be.
While we have a new modernized and simplified logo to have a fresh look, our new brand identity simply reflects who we are today and our focus on helping clients secure their data and assets.
