Data Protection August 22, 2022

CISA or CVSS: How Today’s Vulnerability Databases Work Together

3 min read - In the cybersecurity field, large databases of known threats and vulnerabilities have often been an essential resource. These catalogs show you where to focus your efforts. They’re also a good tool for prioritizing patches to increase security and mitigate the…

Application Security April 29, 2020

Ad Hoc or Managed Penetration Testing: Which One Is Best for You?

4 min read - Due to legal regulations, internal policies, executive requests, and the desire to beat threat actors and avoid breaches, penetration testing is becoming a common practice.

April 27, 2020

Weekly Security News Roundup: Vulnerability Lets Attackers Compromise Apple Devices via Email

3 min read - Researchers revealed their discovery of a vulnerability that enables bad actors to infect iPads and iPhones by sending a specially crafted email. Learn what else happened last week in security news.

March 18, 2020

Snoop Attacks via L1 Data Sampling Threaten Security of Intel CPUs

2 min read - Intel processors, including Core and Xeon products, are susceptible to attacks described as Snoop-assisted L1 data sampling, a security investigator has discovered.

March 10, 2020

Threat Actors Launch Attacks Based on Exchange Control Panel Vulnerability

2 min read - Threat groups are exploiting a vulnerability in the Exchange Control Panel (ECP) just weeks after Microsoft issued a patch, security researchers have discovered.

Threat Intelligence February 26, 2020

What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today

5 min read - Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks?

Endpoint January 31, 2020

How Do You Measure the Success of Your Patch Management Efforts?

4 min read - With the recent shift in attack focus toward operating systems and the increase in publicized breaches and ransomware attacks, patch management is now essential for organizations.

January 20, 2020

Weekly Security News Roundup: Nemty Ransomware Plans to Begin Leaking Victims’ Data

3 min read - Security researchers discovered Nemty ransomware's plans to create a website for the purpose of publishing its non-paying victims' data. Learn what else happened last week in security news.

January 16, 2020

Microsoft Patches CryptoAPI Flaw Following Discovery From NSA

2 min read - Microsoft used its first Patch Tuesday update of the new decade to address a critical vulnerability in its CryptoAPI library.

January 7, 2020

Pulse VPN Bug Means ‘Big Game Ransomware’ Could Access Corporate Networks

2 min read - Large organizations may be targeted by "big game ransomware" if they risk leaving a vulnerability in Pulse Secure virtual private network (VPN) servers unpatched, a cybersecurity researcher warned.