You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"To prevent spam, email forgery and phishing, configure DKIM, DMARC, SPF DNS records for the domain if it is used to send or receive emails. Additional information is available <a target=\"_blank\" href=\"https://www.exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_srs_and_dmarc.html\">here</a>."
47
+
]
48
+
}
49
+
],
50
+
"webapps": [
51
+
{
52
+
"id": "5498677",
53
+
"section": "webapps",
54
+
"tab": "webapps",
55
+
"dt": "2020-11-05 10:46:23",
56
+
"discovered": "2020-11-05 10:46:23",
57
+
"name": "aai.some-company.com",
58
+
"type": "Web",
59
+
"group": "Unreachable",
60
+
"tag": "",
61
+
"link": "aai.some-company.com",
62
+
"sld": "some-company.com",
63
+
"ip": "",
64
+
"fingerprinted_software": [],
65
+
"availability": {
66
+
"code": 5,
67
+
"text": "Closed ports"
68
+
},
69
+
"status": {
70
+
"code": 5,
71
+
"text": "Closed ports"
72
+
},
73
+
"domain_expiration": "",
74
+
"http_code": "",
75
+
"lastupdatedt": "2025-02-10 10:30:29",
76
+
"last_scan": "2025-02-10 10:30:29",
77
+
"remediations": [
78
+
"SSL/TLS encryption has not been detected when accessing your web application. SSL/TLS encryption is needed to protect the data transmitted between a user’s browser and a web server. It encrypts the data, preventing unauthorized access, helps to verify the identity of websites to protect against impersonation, and ensures data integrity so that it isn’t tampered with during transmission. Enable SSL/TLS encryption on your web application to ensure secure and private communication between your users and your application. This will protect sensitive data, build trust with your visitors, and help comply with security regulations.",
79
+
"Deploy a Web Application Firewall (WAF) to protect your website against common web attacks and malicious bots."
"Local Git code repository is publicly accessible at https://52.52.52.52/.git/. An attacker can exploit the exposed source code and other confidential data available there to compromise your systems or facilitate other attacks. Unless the repository is designed to be accessible from the Internet, urgently disable public access to it. Otherwise, consider implementing a strong authentication and GEO-IP filtering."
213
+
]
214
+
}
215
+
],
216
+
"incidents": [
217
+
{
218
+
"id": "13949496",
219
+
"section": "incidents",
220
+
"tab": "incidents",
221
+
"dt": "2022-09-27 05:41:00",
222
+
"discovered": "2022-09-27 05:41:00",
223
+
"name": "Stolen Credentials",
224
+
"type": "Data Leak",
225
+
"group": "Inactive",
226
+
"tag": "Legacy",
227
+
"link": "",
228
+
"data": {
229
+
"count": 187,
230
+
"domain": "some-company.com",
231
+
"record_count": {
232
+
"company.com": 1,
233
+
"some-company.com": 183,
234
+
"test-co.com": 1,
235
+
"testing-co.com": 1,
236
+
"quick-test.com": 1
237
+
},
238
+
"leakdt": "2022-05-01"
239
+
},
240
+
"lastupdatedt": "2024-10-03 19:36:08",
241
+
"last_scan": "2024-10-03 19:36:08",
242
+
"examples": [
243
+
{
244
+
"login": "xxxx.yyyyy@domain.ch",
245
+
"password": "mypasword1234"
246
+
}
247
+
],
248
+
"examples_type": "LOGINS",
249
+
"leak_name": "1.5 GB Corp Mails EU",
250
+
"remediations": [
251
+
"Accounts of your employees are present in a stolen <a href=\"#\" onclick=\"$('#details_dialog #details_tabs').tabs({active: 0}); setTimeout(function () { $('#details_dialog #details_tabs2').tabs({active: 15}); }, 100); return false;\">set of data</a> available for sale on the Dark Web. Investigate how those accounts were compromised and consider changing the passwords on all accounts of the implicated users. You may also set a canary on your IDS to notify you as soon as someone tries to login to any of your systems with the compromised pair of credentials, thereby evidencing a password spraying attack."
0 commit comments