Eric Stylemans’ Post

📢 Subdomain Takeover & Brokenlink hijacking: A Step-by-Step Look at Identifying & Preventing Vulnerabilities In my latest research, I mapped out a guide for detecting subdomain takeover risks and securing your infrastructure. This step-by-step approach is designed to help security professionals prevent potential breaches. [Include any visuals like a flowchart or steps] Read the full breakdown and protect your brand! #Specialization_Task_8 #WebAppSecurity #VAPT #SubdomainTakeover #BrokenlinkHijacking #SecurityFlaws #CyberDefense #ResearchPaper #CyberSapiens #CyberSapiensunitedllp 🔎 💻

It's been two months since the National Institute of Standards and Technology (NIST) NVD slowed down processing CVE's. To offer clearer insights into the current situation, I've developed a time-sequence data visualization illustrating the vulnerability status of CVEs year-to-date. I've included some fresh tunes from Beau Bullock's latest album, 'Hard Reboot,' which drops on May 3rd. Who knows, maybe the NVD will pick up the pace by then too! 🎸 Jay Jacobs Stephen Shaffer Jerry Gamblin Balint Fazakas Sander Vinberg Chris Madden #cybersecurity #infosecurity #riskmanagement #vulnerabilitymanagement

Sharing for visibility. If you have noted the number of new vulnerabilities has slowed down in the past few weeks, it doesn't mean software has become more secure and resilient. It just means that the process is broken.

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation A group of 50 cybersecurity professionals signed an open letter warning that current issues at the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) could lead to a major supply chain security crisis. It was sent to the US Secretary of Commerce, Gina Raimondo, and several members of the US Congress. In the letter, signatories argued that the Congress priority should be to help #NIST resolve the current #NVD backlog. They urged Congress to support NIST in 3 immediate actions: 1️⃣ Investigate the ongoing issues with the NVD 2️⃣ Ensure NIST has the necessary resources to restore operations immediately 3️⃣ Lay the groundwork for critical improvements to the service They also laid out a list of recommendations to tackle short-term challenges of the NVD program. 📰 Find out what those are on Infosecurity Magazine: https://lnkd.in/ebTYDp-3

🔑 Non-Human Identity Rotation Debunked Clutch Security, our portfolio company, has released eye-opening research challenging the long-standing security practice of secret rotation. By deliberately leaking tens of Non-Human Identities across various sources, they demonstrated how attackers exploit exposed secrets in seconds—proving that rotation offers little real protection. 🚨 The takeaway? Rotation isn’t just obsolete—it’s dangerously misleading. As attackers outpace even the fastest rotation schedules, enterprises must adopt Zero Trust architecture and ephemeral identities to minimize their attack surface and stay ahead of automated threats. Explore the experiment: https://go.clut.ch/m7t Download the full report to dive into the technical breakdown: https://go.clut.ch/9c #Cybersecurity #NonHumanIdentity #NHI #NHISecurity #ZeroTrust #DebunkingRotation Ofir Har-Chen | Tal Kimhi | Tom Sadon | Seth Spergel | Shay M. | Almog G. | Tav Spector-Levi | Julie Arndorfer | Becky Riji | Aya Shaharabani

See the Trees & See the Forest in Incident Forensics! 🌳🌲 In the world of incident forensics, timeline analysis often focuses on individual machines. But what if we could expand our perspective to see the bigger picture? Imagine aggregating timelines from all in-scope machines to create a comprehensive overview of the entire incident landscape! By mapping sources and destinations—such as IP addresses, attackers, and victims—as interactive bubbles, and linking key events like file transfers, unauthorized login attempts, and SQL injections, we can construct a powerful "Investigation Graph". This innovative approach allows us to visualize connections and uncover hidden patterns, enabling deeper insights and more effective incident response. Join the conversation and explore how this holistic method can revolutionize your forensic investigations. 🌐🔍 #IncidentForensics #DataVisualization #CyberSecurity #Innovation #InvestigationGraph

How do you change the mindset in the LE and Security industry about self-aid and buddy-aid. This is one topic in academies that is over looked or not really covered. To many threats to ignore anymore.

Stay ahead of the threat actors by knowing who they are and how they operate. Cyberattacks happen daily. You can stay ahead of them and protect your organization/your citizens with GoCyber Collective's one week course "Threat Intelligence". Click below to register.

Here at Smarttech247 we deal with various threats that customers face, one of them is this one: Email security incidents: 🚩 94% of organizations have experienced email security incidents in the last 12 months 🚩 As a result: 1️⃣ Organizations remain vulnerable to inbound attacks and outbound data loss and exfiltration. 2️⃣ Cybersecurity leaders are questioning just how effective traditional approaches to email security are. For a deep dive into threats like account takeover and supply chain compromise, in addition to data loss incidents such as exfiltration and misdirected emails resulting from Outlook auto-complete, read Egress Software Technologies’ Email Security Risk Report: https://lnkd.in/eHfiP_Zz