Contact us
Request demo →
Contact us
search
close

Looking back on the 2021 vulnerability: Log4shell

In December 2021 a critical vulnerability surfaced named Log4shell within Log4j, a widely used logging tool for java applications. Log4j is used globally by computers running online services, which meant it impacted a multitude of people, organisations, and government organisations. Since then, multiple fixes have been implemented in the hope to avoid such an outbreak in the future.

read more

Using Telegram monitoring to enhance your attack surface management

For several years illicit actors have been switching from the dark web to Telegram. One of the reasons for this change is that several dark web forums have been shut down by law enforcement. With fewer marketplaces to offer their goods and services, online criminals were forced to look for new platforms to reach their customers.

read more

International Women's Day 2022

As today is International Women’s Day, we would like to celebrate the women that work across all departments at Cybersprint. We would like to introduce some of them to you:

read more

When paths merge

When I founded Cybersprint in 2015, I had the vision of bringing security technology from terminals to the boardroom – cybersecurity needed to be elevated to allow management to make the right decisions supported by holistic insights.

read more

5 lessons learnt from 2021's vulnerabilities

2021 saw some major cyber hacks, incidents, and digital risks. From Exchange to Log4j, and everything in between. Many of these incidents happened because of vulnerabilities in systems, software, or procedures that threat actors might have been able to abuse.

read more

The state of API security: global research comparison

Previously, we reported on the security state of Swagger APIs all throughout Europe. After the EU region, we conducted the same investigation for North America and for the APAC region. This report will make comparisons between the API security levels in the three regions. What differences and similarities can we discern? IS API security a global issue?

read more

Editorial: Why your brand DNA is the foundation of your security posture

Finding and verifying all of a company’s web assets across the entire internet is a massive undertaking. You essentially need to filter the whole internet and try to pick out what is relevant, and then set about detecting the risks – or even potential risks – within what you have found. This isn’t a process that can be managed manually. The staff-hours alone would make this hugely prohibitive, and that’s without taking into account the potential margin for error. Instead, it requires a different approach, one based around automation. In this editorial, Cybersprint's Lead Data Science & Analytics, Willem van Zwieten, explains how algorithms and automation helps your organisation stay secure.

read more

How to find and mitigate the recent WordPress CVE-2022-21661

A few days ago, WordPress released a patch for their software. This patch updates WordPress to version 5.8.3, and addresses four vulnerabilities. Three of these vulnerabilities have been rated as ‘high importance’ with two CVSS scores of 8.0, a 7.4, and a 6.6, as they allow for different kinds of attacks. This article explains how the different vulnerabilities could be abused, and how we were able to find the relevant WordPress software to check for risks.

read more

Defend yourself against a coming wave of API cyberattacks

APIs (Application Programming Interfaces) are used by countless businesses. By defining the rules that programmers must follow to interact with a programming language or software tool, they play a key role in enabling organisations to connect with services and transfer data.

read more

Do you have a question?

Our experts have the answers

Contact us