Cyber Security Awareness and Vulnerabilities Blog

It’s important for all organizations to periodically assess and test security vulnerabilities, to better evaluate risk and be ready to detect, prevent and respond to threats as they happen. Vulnerability assessments, penetration tests and Red Teams help you identify and prioritize security risks,…

Read More

cybersecurity-generic-article-malware-alert-900x412_3.gif

On March 22, the city of Atlanta was brought to its knees by a ransomware attack. CNN reported that the malicious incident affected at least five of the city’s municipal departments, effectively locking down key functions for the police, courts, and more. The attackers asked…

Read More

cybersecurity-generic-article-hologram-900x412_0.gif

We all know that to err is human. The problem is some mistakes are an order of magnitude larger than others. If you forget to buy apples at the store, that’s unfortunate. But if you forget to lock down your cloud server with…

Read More

cybersecurity-generic-blog-lock-on-laptop-1920x744_1.gif

In February, Fortune, Wired, and other media outlets reported that hackers worked their way into automaker Tesla’s Amazon Web Services (AWS®) cloud account to mine for cryptocurrency. These so-called “cryptojacking” attacks are on the rise in concert with escalating cryptocurrency prices, prompting hackers to gain…

Read More

The Impacts 18.1 release last month brought a ton of streamlined enhancements and new capabilities to the client-side vector in general, and phishing in particular. To be clear on terms, I consider phishing to be inducing a target to follow a link presented…

Read More

When first reading this article, the thought of, “Well it’s about time, identity has a place at RSA” quickly came to mind. Even if you don’t agree with everything listed, some items mentioned are mere table stakes for a new way of thinking about…

Read More

Here is the summary for all of the exploits and updates shipped to Impact 18.1 since its release (on Feb 14th): 14 Updates overall 3 Remote Exploits 5 Client-Side Exploits 3 Local exploits 3 Product Updates   Here is the list of published updates: Remote Exploits: Symantec Messaging Gateway performRestore OS Command…

Read More

We all know that there are clear problems in the industry when it comes to role design and entitlement certification. Problems like: Lack of visibility: Most entitlements and user access logs are kept in spreadsheets, whether on their machine or in an online tool,…

Read More

Securing Enterprise Business Applications such as SAP systems poses a large set of challenges. Most companies have been passing through and maturing on how to adopt cryptography and encryption on these systems. However, this opens the door for new challenges. The protection of…

Read More

Today we're sharing how to use the customizable reports functionality available in Core Impact. In order to generate such agents, we'll use the "Network Report Generation" wizard. From the list of available reports, filter for type "spreadsheet" and select "Network Host Report". When clicking on "Duplicate"…

Read More