Cyber Security Awareness and Vulnerabilities Blog

RSS

During the past few years, there has been an increasing amount of research around Kerberos security, leading to the discovery of very interesting attacks against environments supporting this authentication protocol. In this blog post, I will cover some findings (and still remaining open questions)…

Read More

According to a study referenced in CBROnline, 79.7% of organizations are investing, in one way or another, in an Identity and Access Management (IAM) solution. While this number is up from even two years ago, it only shows people who are involved with…

Read More

Penetration testing vs. vulnerability scanning. It all sounds the same or does the same thing, doesn’t it? Mistakenly, these terms are often used interchangeably even though there are some fundamental differences. Here we will distinguish the two and help you see what value…

Read More

We all know that Identity and Access Management is not simply an application you can download in five minutes and be ready to go. This is a major program and investment for your company. But why is it that after we go live,…

Read More

Are you guilty of any of these mistakes in your pen-tests? Maybe you've never done these before and now you'll forever remember these as things to avoid when running any future penetration tests. For more information keep reading and check out our Guide to…

Read More

Our customer, a global energy infrastructure organization, was looking to evolve their vulnerability management program and improve their overall security posture. They wanted to better understand their network, assets, configurations, and related vulnerabilities. This quick video shows how Core Vulnerability Insight helped them…

Read More

We may have the best defense against bad actors in town, but we also can help you with your offense. It might be a hot-topic of conversation thanks to political matters - but know that the security of your company doesn’t rest in the…

Read More

After reading Monday's The Washington Post, I see yet again (sigh) that a former NSA contractor may have stolen sensitive information. However, this time it’s 75% of their elite hacking tools that Snowden previously highlighted. Harold T. Martin is accused of carrying out the biggest…

Read More

If testing your antivirus program or other applications sounds silly, then consider this your wake-up call. Just because you’ve bought something to protect your services, doesn’t mean it’s a surefire way to protect your data. System applications, embedded applications, games and more are not…

Read More

Day after day we hear stories of companies being breached because of vulnerabilities in their systems. While some of these vulnerabilities may be new, the majority of breaches are caused by vulnerabilities that have had a patch available for weeks, months, even years…

Read More