July 29, 2019 Weekly Security News Roundup: US Company Selling Fully Working BlueKeep Exploit 3 min read - Last week in security news, a U.S. company announced that its penetration tool had incorporated a fully working exploit for the BlueKeep vulnerability.
July 22, 2019 Weekly Security News Roundup: Vulnerability Exposed Instagram Attacks to Hijacking 3 min read - Last week in security news, a researcher uncovered a critical vulnerability that allowed attackers to hijack any Instagram account within 10 minutes.
July 3, 2019 Godlua Backdoor Capable of Performing DDoS Attacks 2 min read - Both versions of the Godlua backdoor, discovered in late April, are capable of performing distributed denial-of-service (DDoS) attacks, according to a new report.
July 1, 2019 Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit 2 min read - A recent attack campaign leveraged a business-to-business (B2B) website to distribute a new exploit kit named Spelevo.
Application Security June 25, 2019 What Is Threat Modeling and How Does It Impact Application Security? 3 min read - Beyond the obvious benefit of proactively identifying application security incidents, threat modeling gives security leaders opportunities to educate developers and foster a DevSecOps culture.
Security Services June 20, 2019 Effective Cybersecurity Is Simple, But Not Easy 4 min read - IT complexity has created a "glass half empty" attitude toward information security. Even so, effective cybersecurity remains simple — just not easy.
June 19, 2019 TCP SACK Panic Flaw Could Compromise Production Linux Machines 2 min read - A kernel flaw dubbed TCP SACK Panic could allow remote attackers to compromise organizations running large fleets of production Linux computers, according to a series of security advisories.
Endpoint June 14, 2019 How to Patch BlueKeep and Get to Know Your Company’s Critical Assets 5 min read - In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.
Application Security June 12, 2019 8 Best Practices for Application Container Security 10 min read - Application containers can reduce costs and streamline software development, but they also increase the attack surface, necessitating strict adherence to container security best practices.
June 11, 2019 Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner < 1 min read - Researchers observed an attack campaign exploiting CVE-2019-2725 and abusing certificate files to deliver a Monero miner.