Server-Side Request Forgery (SSRF)
Server-side Request Forgery (SSRF) is a notable web security vulnerability that can be used by attackers to extract sensitive data from within an organization’s infrastructure. The threat of SSRF attacks remain significant given its addition to the 2021 OWASP Top 10 list. On April 7th, 2022, API Security Company, Salt Security, identified an SSRF vulnerability […]
WebOrion® adds Smart Image Hash (SIH) Feature To Improve Monitoring of Compressed Images
WebOrion® is glad to introduce a new feature into the existing Integrity Analytics engine – Smart Image Hash (SIH). SIH helps reduce false alerts regarding image changes by analysing them in a smarter way. Images can make websites look more attractive and have been widely adopted ever since the inclusion of the image tag () […]
How Are Hacktivists Shaping the Cybersecurity Posture Of Nation-states in the Russia-Ukraine Conflict?
The Resurgent Threat of Hacktivism As the Russia-Ukraine conflict intensifies, cyberwarfare continues to be waged between the two countries. Concerns remain that state-backed hacker groups may target organisations outside of Eastern Europe in retaliation for the global sanctions imposed on Russia, or as false-flag operations to further promote political narratives. While the attention remains focused […]
The Cybersecurity Implications for Website Owners from the Russia-Ukraine Conflict
Cyber Threat Activities from the Russia-Ukraine Cyberwar The Russian incursion into Ukraine has led to a conflict that involves both the physical and cyber domains, with hacking groups of differing allegiances launching cyberattacks on government, military, financial and telecommunication websites. Cybersecurity specialists worldwide have highlighted growing concerns that the intensifying conflict between Russia and Ukraine […]
Product Announcement: Enhanced Email Alerts for WebOrion Defacement Monitor
Email alerts are the primary method that WebOrion Defacement Monitor uses to inform our customers about the changes to their websites. Through these email alerts, users are informed if their website becomes unreachable, or if any of WebOrion’s various engines are triggered during webpage monitoring. The email alerts are important for customers and SOC analysts […]
Cloudsine | WebOrion® is excited to partner with SGInnovate New Frontier Event to build up Deep Tech Community
Cloudsine is excited to partner with SGInnovate at the New Frontier event on 10 Apr 2021 to help build up the deeptech community. The New Frontier event is organized by SGInnovate with Guest of Honour, Lawrence Wong (Minister for Education), to promote the growth of the deeptech ecosystem in Singapore with skills, jobs and career […]
Cloudsine | WebOrion® Supports the Launch of community-focused AI Security Quarter in Div0 on 31 Mar 2021
AI Security Quarter of Div0 was officially launched on 31 Mar 2021 over virtual Zoom and attended by >50 cybersecurity and AI enthusiasts in Singapore. Cybersecurity and AI are both critically important technologies for the digital future. Attackers are using more automation and AI to help them probe and attack systems. In addition, adversarial attacks […]
Product News: End-of-Support for Old WebOrion Appliances and Upgrade Path to New WebOrion VX2 Appliances.
This is to announce the following: End of Software Support (EOSL)for all WebOrion® virtual and physical appliances purchased before 28 Feb 2017 . EOSL for this batch of appliances will be with effect from 31 Aug 2021. This means no bug fixes, security patches, feature updates will be provided. End of Software Support (EOSL)for all […]
WebOrion® launches Javascript Malware Detection Engine (JME)
WebOrion® is pleased to announce the launch of our new Javascript Malware Detection Engine(JME). The JME adds to the powerful capabilities of our WebOrion® Monitor to detect defacements, malicious scripts and other website threats. Today, practically every website uses JavaScript. The power and flexibility of a scripting language embedded within the browser has allowed websites […]
AWS CloudGoat and mitigation strategies: Part 5
AWS Cloudgoat and mitigation strategies Part 5 This is part 5 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. This part of the article presumes that Cloudgoat has already been configured. Please refer to part 1 of this series to see how to install and configure Cloudgoat. Scenario 7: Stealing secrets […]
