PROCIRCULAR BLOG

Educating your business on the importance of cybersecurity

Using an Interactive Cross-site Scripting Backdoor

Posted by Bill Thomas on Feb 26, 2021 3:29:48 PM

As a cybersecurity engineer and an unapologetically enthusiastic “web guy,” I have both a personal and professional interest in finding new exploitation methods. Recently, I found an interesting and creative way to control a browser by exploiting a cross-site scripting (XSS) vulnerability. I learn by doing, so as soon as I had the idea, I tried executing the concept to see if it would work in practice. Without spoiling too much, I was very pleased with the results! This attack uses nothing more than Netcat and some clever XSS injection code. For those unfamiliar with Netcat, it’s a networking utility that reads and writes data across network connections.

Read More
0 Comments Click here to read/write comments

Topics: Network Security, Data Protection, Penetration Testing, hacking

Secure Remote Connections with SSH

Posted by Mike Hedlund on Jan 11, 2021 11:36:23 AM

In today’s fast-paced and remote workforce, establishing a secure remote connection is critical to conduct safe and efficient remote work. Securing this connection can be as simple as creating a jump box to access a network or device. This method allows for secure external access to internal resources without using custom firewall rules. Although there are several ways to initiate this connection, the one we’ll discuss here uses a reverse SSH tunnel through a jump box. The reverse connection process is more secure than the standard connection process, and it is the preferred option for connecting to sensitive remote devices.

Read More
0 Comments Click here to read/write comments

Cybersecurity 2026 – Looking Five Years Ahead

Posted by Aaron R. Warner on Dec 30, 2020 11:13:31 AM

Technical Innovation Increases Cybersecurity Risk

New technologies help revolutionize all industries and the way they conduct business. Simultaneously, it increases blind spots that commonly open the door for exploitation by cybercriminals. As technical innovation rises exponentially, so too will the associated cybersecurity risk. New applications of AI are emerging on both the offensive and defensive side of the coin. AI can be trained to detect sophisticated threats and other anomalous activities, which help reduce the time from infection to detection; however, attackers will also continue to leverage this to their advantage. There are other examples: 5G, the continued fracturing of the xAAS into smaller and smaller constellations of services, and the embedding of increasingly complex technology into the human body. These innovations all create cybersecurity risks that will need to be addressed.

Read More
0 Comments Click here to read/write comments

60 Days as a Cybersecurity Intern

Posted by Willie Zhang on Nov 23, 2020 12:04:11 PM

Your first day at a new internship can seem intimidating. For most of us, it’s our first look into the professional world. Although you learn important concepts in school, the experience you gain in a professional setting is much more valuable; especially in the cybersecurity industry. 60 days into my cybersecurity internship at ProCircular, the team has taught me much more than I’ve learned on my own. Before my time on ProCircular’s red team, I was only able to learn about cybersecurity concepts through internet resources, such as TryHackMe, and different books I found online. The opportunity to be an intern has enabled me to grow my skills and knowledge through hands-on experience with real companies around the country. Practicing vulnerability assessments and social engineering in an environment where it is legal is, by far, a great improvement compared to assessing my own home network. It’s exciting to see the different services that real companies have and the different ways those real companies try to secure them. It’s a much more engaging and volatile environment than what you get in online learning.

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Company News

Investigating and Responding to Ryuk Cyberattack in 2020

Posted by Aaron Heikkila on Nov 18, 2020 10:30:00 AM

Incident Response is a series of investigative and remedial steps that a company takes in the event of a breach or other security incident. These restoration efforts can include backtracking through log data, isolating affected machines, and even negotiating with cyberterrorists!

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Data Breach, Incident Response, security incident handling, security incident response

All posts

ProCircular is a Full-Service Information Security Firm

We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

  • Breached or hit with ransomware?
  • Don't know where to start? 
  • Looking to confirm your security with a third party?

Secure your future with ProCircular.

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates