OWASP Top Ten – Cryptographic Failures
The world of cybersecurity is constantly evolving as new threats and vulnerabilities emerge. This includes Cryptographic Failures. The Open Web Application Security Project (OWASP) Top Ten is a widely recognized list of the most critical security risks to web applications....
OWASP Top Ten – Server Side Request Forgery (SSRF)
What is an SSRF? The next entry in our OWASP Top Ten Series covers Server Side Request Forgeries. Server Side Request Forgery (SSRF) is a security vulnerability that occurs when an attacker is able to make HTTP requests to an...
IoT Testing
Here at Brackish, we’ve recently received inquiries from several customers in regards to testing their IoT devices. We took a look at our current roster of testers and while we do have some experience testing IoT devices, it wasn’t something...
Insecure Deserialization
Introduction Insecure deserialization is a cybersecurity vulnerability that affects various programming languages, including C#, Java, PHP, Python, and others. This article explores the dangers of insecure deserialization, how it affects different languages, and how developers can mitigate the risks. Additionally,...
Phishing, Domain Names, and TLDs
As a small or medium-sized business owner, you may be aware of the threat of phishing attacks. Phishing is a common technique used by cybercriminals to trick people into giving away sensitive information such as usernames, passwords, or credit card...
OWASP Top Ten – Identification and Authentication Failures
Identification and Authentication Failures Today we will cover Identification and Authentication Failures in our series on the OWASP Top Ten. Online security has become a crucial aspect of modern life. Today, every business is a tech business, and it becomes...
Local Administrator Accounts
Local administrator accounts are commonly used in Active Directory/internal networks to manage individual computers. These accounts have full control over the local computer, which can be a security risk if used carelessly. The use of local administrator accounts should be...
Phishing – The Most Important Thing?
the intention of tricking the recipient into revealing sensitive information or downloading malware onto their device. Unfortunately, phishing attacks have become increasingly common and sophisticated over the years, making them the number one way organizations get breached. The reason for...
WordPress Security
WordPress is one of the most popular content management systems (CMS) in the world, powering over 40% of all websites on the internet. However, with great popularity comes a great responsibility to keep the WordPress installation secure. In this blog...
TLS Versions Explained
Transport Layer Security (TLS) is a widely-used protocol for securing communications on the internet. TLS is responsible for establishing a secure and encrypted connection between two communicating devices, ensuring that the data transmitted between them is protected from eavesdropping, tampering,...