Maximizing Your SIEM Investment on a Government Budget

Cybersecurity in the public sector often means navigating within strict budgetary requirements that can feel like hitting a brick wall that slows momentum and limits progress. With global cyber attacks continually on ...

Splunk Enterprise Security Unmasked Blog Recap

Infosec Blog
In the high-stakes world of cybersecurity, many organizations find themselves trapped in a "great dilemma": they are drowning in a relentless sea of alerts while simultaneously battling massive technical debt and tool ...

The Evolution of Healthcare Ransomware: Why Data-Theft Extortion is the New Threat

The modern benchmark for healthcare cyber disruption is still the 2024 Change Healthcare attack, which exposed the data of 190 million Americans and caused nationwide shutdowns of prescription processing and insurance payments ...

Blog Recap of The Human Attack Surface: What Organizations Need to Know in 2026

Social engineering remains one of the most effective and underestimated attack vectors in today’s cyber security threat landscape. In our Hurricane Labs’ December Q4 webinar The Human Attack Surface, the spotlight turns ...

Security Advisory Regarding BRICKSTORM

Executive Summary: On December 5th, 2025, the US’s Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canada’s Cyber Security Centre released a joint malware report on BRICKSTORM, a backdoor targeting ...

Utilizing Metrics for a Healthy SOC

Continuously improve your SOC through the analysis of security metrics. Introduction: Metrics are quantifiable measures and assessment results. They empower organizations to describe and measure controls and processes, and make rational decisions ...

Be Your Own Secret Santa: Staying Private and Secure While Holiday Shopping Online

According to Federal Trade Commission (FTC) data, scammers stole $12.5 billion from consumers in 2024, and they're counting on the holiday rush to make this year even more profitable for them. The ...

● Several portions of the web site were vulnerable to SQL Injection, allowing retrieval of nearly arbitrary database content.
● Several flaws were discovered and exploited which allowed testers to retrieve credentials belonging to other tenants.
● The application stored user passwords in an insecure manner. Combined with the other vulnerabilities, testers could retrieve and decrypt credentials for all site users.
● Testers found and exploited a Directory Traversal vulnerability in the mobile API. This was exploited for Remote Code Execution on web servers.
● After achieving Remote Code Execution, testers found several files with insecure permissions. This was subsequently leveraged for administrative access to the application servers.

Case Study: Penetration Testing for a Technology-Focused Environmental Solutions Provider

Overview: The client is a technology-driven provider of environmental monitoring solutions, focused on developing analytical tools used in industrial settings. Their product portfolio includes both mobile and stationary devices designed to support ...

New Splunk 10 Feature – Effective Configuration

One of the Splunk 10 features I’m most excited about is the “Effective Configuration” dashboard. In this blog post, I’ll explore why this might be my favorite new Splunk 10 feature so ...

Soar is your Safest Bet

It’s the middle of the week, you are working on a project that needs to be done, and while you are trying to focus, you get the same phishing alert for the ...