Articles by Robert Hansen

Personal site: https://www.smartphoneexec.com

IP is the Wrong Way to do Attack Surface Mapping

By Robert Hansen on May 5, 2021

This post is the sixth of a short series of posts that we have dubbed “Attack Surface Mapping the Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping. Next up is IP and why it is the wrong way.

IP only is flawed

Many security tools scan …


NetFlow is the Wrong Way to do Attack Surface Mapping

By Robert Hansen on March 26, 2021

This post is the fifth of a short series of posts that we have dubbed “Attack Surface Mapping the Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping. Read the first in this series here. Next up is NetFlow and why it is the wrong way.

NetFlow …


Agents are the Wrong Way to do Attack Surface Mapping

By Robert Hansen on March 24, 2021

This post is the fourth of a short series of posts that we have dubbed “Attack Surface Mapping the Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping. Read the first in this series here. Next up are agents and why they are the wrong way.

Agents …


Crawling Is the Wrong Way to do Attack Surface Mapping

By Robert Hansen on March 23, 2021

This post is the third of a short series of posts that we have dubbed “Attack Surface Mapping the Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping. Read the first in the series here. Next up is crawling and why it is the wrong …


Brute Force Is the Wrong Way to do Attack Surface Mapping

By Robert Hansen on March 17, 2021

This post is the second of a short series of posts that we have dubbed “Attack Surface Mapping the Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping. Read the first in this series here. Next up is brute force and why it is the …


Static Lists Are The Wrong Way to do Attack Surface Mapping

By Robert Hansen on March 8, 2021

This post is the first of a short series of posts that we’ve dubbed “Attack Surface Mapping The Wrong Way,” showing the wrong way that people/companies/vendors attempt to do attack surface mapping.  We begin with static lists and why they are the wrong way.

Static lists are flawed

When asked what the …


CISAgov Recommends Immediate Update of Microsoft Exchange

By Robert Hansen on March 5, 2021

The Cybersecurity and Infrastructure Security Agency recommends that all companies update any self-hosted Exchange servers that are sitting in their environment. The advice came out March 3rd and lists a number of CVEs associated with the issue. Here is the official statement.

Here are the CVEs in question:

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065

And possibly …


CPEs and CVEs

By Robert Hansen on March 1, 2021

Understanding the low-hanging fruit of vulnerabilities is one of the most important parts of understanding an environment. Thankfully, there are some easy ways, through fingerprinting, to get a wide variety of vulnerability information from assets. But to do that, it is important to understand a little about CPEs first.

CPE …


WordPress In Your Attack Surface Map

By Robert Hansen on February 1, 2021

WordPress is one of the most well known and most used pieces of web technology on earth. It also happens to be a bit of a mess from a security perspective, as it relates to the plugin ecosystem specifically. The core application also has had many vulnerabilities over the years, so …


Fortune 1000 – The Big Movers

By Robert Hansen on August 19, 2020

While going through the list of the Fortune 500 for Bit Discovery’s company reports (you can download them here), I decided to take a bit of a step back and analyze how COVID was going to affect the entirety of the list over the coming year. There are a handful …
