Cyber Security Awareness and Vulnerabilities Blog

As part of my daily work as an Exploit Writer, I decided to take a look at CVE-2017-7308. It is a Linux Kernel vulnerability related to packet sockets. I will not go into details about the bug itself or its exploitation because there is an…

Read More

Over the past few months we have been talking to our customers, prospects, and partners about how we may work to make Core Impact an even better fit for different organizational needs. We repeatedly heard that you wanted to rapidly build or scale…

Read More

Vulnerability management is becoming a standard industry practice and, as such, is included in most regulatory compliance rules as a quick and easy path to threat remediation. However, the reality is that most companies are not actually managing vulnerabilities, but rather conducting scans that…

Read More

We are thrilled about the continuous improvements shipped to Core Impact. Today we are recapping the 87 total updates that are being sent to Impact since the release of Core Impact 2017R1. The team has been hard at work to drive new exploits and…

Read More

There has been a lot of information shared this week around the Petya “ransomware” virus. I put this in quotes because, just as with most attacks, once you dive in and get more information you find out that everything is not as it…

Read More

For the second time in as many months, organizations around the world are feeling the effects of a ransomware attack. No doubt, you heard about the WannaCry virus that spread rapidly, worldwide last month demanding bitcoin ransom for company data. This time, the…

Read More

Each day we are being inundated with information. This could be in the form of ads, articles or a new tool to use that will surely make our lives easier. While these applications could be very useful to the organization, they could also…

Read More

While it can be nerve-wracking letting someone into a portion of your organization, look at it as though you are actually taking back control. Enlisting the help of trained and experienced experts is nothing to be ashamed of – if anything, this could…

Read More

For those of you that have been living under a rock for the past few months, there has been quite a lot of talk about Russia and their interference in the 2016 U.S. election. From open session meetings to leaked documents and the…

Read More

We spend a lot of time talking around and about bad actors, but what if we sourced them to teach us about this industry instead? We know they exist and we know they’re working towards obtaining the sensitive data on our networks. But…

Read More