Cyber Security Awareness and Vulnerabilities Blog

We are thrilled about the continuous improvements shipped to Core Impact. Today we are recapping the 87 total updates that are being sent to Impact since the release of Core Impact 2017R1. The team has been hard at work to drive new exploits and…

Read More

There has been a lot of information shared this week around the Petya “ransomware” virus. I put this in quotes because, just as with most attacks, once you dive in and get more information you find out that everything is not as it…

Read More

For the second time in as many months, organizations around the world are feeling the effects of a ransomware attack. No doubt, you heard about the WannaCry virus that spread rapidly, worldwide last month demanding bitcoin ransom for company data. This time, the…

Read More

Each day we are being inundated with information. This could be in the form of ads, articles or a new tool to use that will surely make our lives easier. While these applications could be very useful to the organization, they could also…

Read More

While it can be nerve-wracking letting someone into a portion of your organization, look at it as though you are actually taking back control. Enlisting the help of trained and experienced experts is nothing to be ashamed of – if anything, this could…

Read More

For those of you that have been living under a rock for the past few months, there has been quite a lot of talk about Russia and their interference in the 2016 U.S. election. From open session meetings to leaked documents and the…

Read More

We spend a lot of time talking around and about bad actors, but what if we sourced them to teach us about this industry instead? We know they exist and we know they’re working towards obtaining the sensitive data on our networks. But…

Read More

 1. Introduction In this blog post, we will cover the analysis and exploitation of a simple heap buffer overflow found in SAPCAR a few weeks ago. SAP published security note #2441560 classifying the issue as "Potential Denial of Service". This post is our attempt to show…

Read More

So I know that everyone was worried about WannaCry and the Ransomware epidemic that we just had. Though this type of attack isn’t new, this one particular instance got so much attention because it was such a large attack and affected many in…

Read More

You may know that you need to penetration test your organization for the sake of compliance - but there is more to gain from a pen-test than just adhering to set regulations to avoid a fine.  We've compiled a list of reasons to pen-test…

Read More