Cyber Security Awareness and Vulnerabilities Blog

cs-multi-tenancy.png

multi-tenancy

All SIEMs are well known for their ability to monitor IT infrastructures for potential threats, escalating them to the appropriate party. Though these solutions share this core function in common, SIEMs differ widely in terms of features. It’s important to evaluate your own…

Read More

cs-phishing-prevent-attacks-blog-700x350.jpg

How to prevent phishing attacks

The term “phishing” can be traced back to 1996, when it was used to reference a group of attackers that were imitating AOL employees using AOL messenger, asking people to verify their accounts or billing information. Many unsuspecting users fell prey to this…

Read More

cs-cts-zeppelin-ransomware-article-700x350.jpg

What is zeppelin ransomware

Zeppelin is the latest member of the VegaLocker ransomware family, which also contains strains like Jamper, Storm, or Buran. Zeppelin is an example of well-organized threat actors, as those behind Zeppelin have been incredibly strategic in carefully targeting these ransomware attacks. First spotted…

Read More

cs-value-roi-identity-governance-blog-700x350.jpg

value-roi-identity-governance

Like most companies today, your business is likely facing increasing demands to support and protect more devices and systems that contain data critical to your business. You are spending increasing time and resources on manual, repetitive tasks for managing user accounts. And you…

Read More

A Core Impact module was released on January 14, 2020 to exploit an as-yet unpatched patch traversal flaw in Citrix Application Delivery Controller (ADC) and Gateway (formerly known as NetScaler ADC & NetScaler Gateway) identified as CVE-2019-19781. This critical vulnerability is a path traversal…

Read More

cs-what-is-cmmc-blog-700x350.jpg

What is the CMMC

Later this month, the U.S. Department of Defense (DoD) will release version 1.0 of the Cybersecurity Maturity Model Certification (CMMC). The CMMC will be a mandatory third-party certification for any DoD contractors and subcontractors, intended to help protect the government’s sensitive, unclassified data…

Read More

In part one of this series, we focused on installing several tools that will be useful for reversing and exploiting security weaknesses on Windows. These tools are free to access, so anyone can use them to learn and try out the useful exercises…

Read More

cs-what-we-learned-at-gartner-700x350.png

gartner-iam-summit-2019

They say what happens in Vegas stays there, right? Well, that may not always be the case. Especially when it comes to the Gartner Identity & Access Management Summit last December. In fact, we are pretty sure the more than 2,200 attendees will take…

Read More

cs-challenges-of-pen-testing-700x350.png

challenges of pen testing

There is no arguing that a penetration test can be an invaluable exercise to evaluate the security of an IT infrastructure. Despite the necessity for these critical evaluations, many security teams struggle to maximize the effectiveness of pen tests in their organization. What…

Read More

Pen testing is a dynamic process that requires practitioners to exploit an environment to expose security weaknesses. In order to do this safely and efficiently, pen testers enlist the help of different tools. This article series will focus on reversing and exploiting Windows…

Read More