Breaking News

Read more

We are passionate about keeping you informed

We regularly publish information here about the latest cyber and cloud security developments and new cyber threats. Via the pop-up window you can sign up for an email alert as soon as a new blog appears. Naturally, all information provided is covered by our privacy policy, which can be found elsewhere on this site.

Red Teaming en Breach & Attack Simulation

Deze blog gaat over het belang van Breach & Attack Simulaties (BAS). Voor de beeldvorming zal ik een aantal bekende technieken aanhalen zoals Pentesten en Red team activiteiten. Uiteraard zijn er veel meer manieren om de security van uw organisatie te beoordelen.

Read more
Pentesten vs. BAS in een notendop

Deze blog gaat over het belang van Breach en Attack Simulaties. Voor de beeldvorming zal ik een aantal bekende technieken aanhalen zoals Pentesten en Red team activiteiten. Uiteraard zijn er veel meer manieren om de security van uw organisatie te beoordelen.

Read more
Wat is Breach and Attack Simulation (BAS)?

Wat is precies breach and attack simulation?

Breach and Attack Simulation (BAS) is eigenlijk dat wat de naam suggereert. Je simuleert een aanval en een succesvolle inbraak. Veel mensen welke bekend zijn in het vak zullen zich afvragen: Maar wat is dan het verschil tussen een Red-team exercitie en BAS? Deze vraag gaan we beantwoorden in één van de volgende blogs.

Voor nu is het denk ik even belangrijk om ons te richten op de vraag: Hoe werkt een Breach and Attack Simulation oplossing?

Read more
Hoe wordt webskimming uitgevoerd?

Web skimming attacks are essentially software supply chain attacks that can reach hundreds or thousands of websites using the exploited third-party web application.

Since third-party HTML/JavaScript code is delivered to the website from a completely different repository that the website owner does not have any control over (and can’t possibly monitor directly), hackers target these very third-party web servers. This gives the attacker unauthorized access to all third-party libraries. It’s then all about injecting the skimming code into one of the existing JavaScript files and hiding it.

Read more
Wat is webskimming?

Before we dive into the specifics of tackling web skimming threats, it’s important to know what they actually are. Web Skimming is a hacking technique where the attacker breaches the payment or checkout page of websites by injecting a malicious script or malware via the third-party apps that are being used by the website. Credit card information and personal information is harvested, often without being detected.

Read more
Alles wat je moet weten over webskimming-aanvallen

Web skimming, also known as digital skimming, is a hacking technique that targets digital businesses by manipulating unmonitored and compromised client side web applications. Usually, these attacks are initiated by placing malicious JavaScript (JS) code strategically on payment and checkout pages of the website where unsuspecting users fill in their personal and financial details. Although commonly found on eCommerce websites, banking, finance, healthcare, tourism, and other eService platforms are also being targeted today.

Read more
What is a Watering Hole attack and how to prevent them

A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users either by creating new sites that would attract them or by infecting existing websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is to swipe username and password combinations hoping the victim reuses them, or infect a victim's computer and gain access to the network within the victim's place of employment. Many conclude that these attacks are an alternative to Spear Phishing but are quite different. Watering Hole attacks are still targeted attacks, but they cast a wider net and trap more victims than the attacker’s original objective.  

Read more

Subscribe to our Blog

Get the latest Cyber Security news and content