Foregenix-Logo-Horizontal-Colour
Free Webscan

Cybersecurity Insights

What Is JavaScript And Why Should You Care If You Own A Website?

15/08/19 12:31

What is JavaScript?

JavaScript is essentially a scripting programming language that allows you to implement complex items onto your webpage. Every time a webpage becomes interactive with the user, e.g interactive maps, videos, countdown timer and music, and even colours, chances are JavaScript is involved. Facebook is a great example of how JavaScript works smoothly and effectively, with videos playing smoothly, perfect animation and constant post updates.

Read More

The Potential Risks Of Exposed Admin Login Panels

06/08/19 11:00

Among many of our forensic clients we are noticing that fairly often the login panel for administration of the sites is left publicly and easily accessible, either through easy to guess URLs or unpatched vulnerabilities.

While this is not an immediate threat, an exposed and obvious administrative login panel can make it significantly easier for attackers to breach the site, especially if access controls are limited to username and password combinations alone. This situation allows for simple brute forcing, signing in with compromised credentials/obtaining credentials, or in the case of unpatched systems, access by exploiting vulnerabilities. Even in cases where the admin login panel URL is complex and hard to guess, path disclosure vulnerabilities can be used to locate it.

Read More

What Is Malware? And How To Prevent An Attack.

30/07/19 10:00

What is Malware?

We have all heard the word ‘Malware’ but what is it, and how can it affect you? 

Read More

POS Malware Data Breaches And Why They Keep Happening

10/07/19 12:15

Recently, more and more news has surfaced about millions of consumers becoming affected by data breaches. Most of these data breaches involve a company’s point of sale (POS) machine. The main objective for hackers, when attempting to hack a company’s POS machines, is to steal the 16-digit card number from your credit card. Obtaining credit card information from big companies can be extremely lucrative for hackers, as on the black market, credit cards can sell for up to £100 per number.

Read More
Benjamin Hosack

9 Million Websites Shows Half a Million Are At "High Risk" Of Breach

07/06/19 09:51

We’re fast approaching the middle of 2019, and already we’ve seen numerous announcements of major data compromises involving millions of personal data records being stolen, including:

  1. Email addresses & passwords
  2. Passport numbers
  3. Social security numbers
  4. Banking information & credit card data

While the largest breaches catch our attention and have done a lot to raise awareness to the threat these criminals pose to our society, what is often less well reported, and therefore, less well understood, is how the smaller end of the business world is being targeted. As an example, we rarely hear about the thousands of successful small to medium eCommerce websites that have been hacked, and are quietly leaking all their customer payment data to criminals every day.

Read More

What Is JavaScript And Why Should You Care If You Own A Website?

15/08/19 12:31

What is JavaScript?

JavaScript is essentially a scripting programming language that allows you to implement complex items onto your webpage. Every time a webpage becomes interactive with the user, e.g interactive maps, videos, countdown timer and music, and even colours, chances are JavaScript is involved. Facebook is a great example of how JavaScript works smoothly and effectively, with videos playing smoothly, perfect animation and constant post updates.

Read More

The Potential Risks Of Exposed Admin Login Panels

06/08/19 11:00

Among many of our forensic clients we are noticing that fairly often the login panel for administration of the sites is left publicly and easily accessible, either through easy to guess URLs or unpatched vulnerabilities.

While this is not an immediate threat, an exposed and obvious administrative login panel can make it significantly easier for attackers to breach the site, especially if access controls are limited to username and password combinations alone. This situation allows for simple brute forcing, signing in with compromised credentials/obtaining credentials, or in the case of unpatched systems, access by exploiting vulnerabilities. Even in cases where the admin login panel URL is complex and hard to guess, path disclosure vulnerabilities can be used to locate it.

Read More

What Is Malware? And How To Prevent An Attack.

30/07/19 10:00

What is Malware?

We have all heard the word ‘Malware’ but what is it, and how can it affect you? 

Read More

POS Malware Data Breaches And Why They Keep Happening

10/07/19 12:15

Recently, more and more news has surfaced about millions of consumers becoming affected by data breaches. Most of these data breaches involve a company’s point of sale (POS) machine. The main objective for hackers, when attempting to hack a company’s POS machines, is to steal the 16-digit card number from your credit card. Obtaining credit card information from big companies can be extremely lucrative for hackers, as on the black market, credit cards can sell for up to £100 per number.

Read More
Benjamin Hosack

9 Million Websites Shows Half a Million Are At "High Risk" Of Breach

07/06/19 09:51

We’re fast approaching the middle of 2019, and already we’ve seen numerous announcements of major data compromises involving millions of personal data records being stolen, including:

  1. Email addresses & passwords
  2. Passport numbers
  3. Social security numbers
  4. Banking information & credit card data

While the largest breaches catch our attention and have done a lot to raise awareness to the threat these criminals pose to our society, what is often less well reported, and therefore, less well understood, is how the smaller end of the business world is being targeted. As an example, we rarely hear about the thousands of successful small to medium eCommerce websites that have been hacked, and are quietly leaking all their customer payment data to criminals every day.

Read More