At 2:25pm, on the 9th of December 2021, an infamous (now deleted) tweet linking a 0-day proof of concept exploit for the vulnerability that came to be known as ‘Log4Shell’ on github (also now deleted), set the internet on fire and kicked off a holiday season of companies scrambling to mitigate, patch and then patch … Read more
The number of cyber-attacks attempting to compromise global industry supply chains are on the rise, and a new survey by BlueVoyant found that 97 percent of global firms have been impacted by a cybersecurity breach in their supply chain in the past 12 months. Not only that, but 95 percent of respondents said their organizations … Read more
If you needed a microcosm of the challenges currently facing the cybersecurity world, three events in the summer of 2021 summed it up well: Oracle and Microsoft (and others) issued patch updates to fix the usual number of CVEs. Gartner predicted a record level of global cybersecurity investment this year. A group of application security … Read more
Executive Summary Very little software is entirely original. Software developers use existing, open-source, and commercially available software components to create new products. On average, 75 percent of a software product is open-source code, according to the 2021 Open-Source Security and Risk Analysis Report. This presents a cyber-risk management problem. The customer cannot effectively manage assets … Read more
In the following, we’ll talk about how to transition from a Bug Hunter to a Pentester. It’s important to note that this content is intended to be an objective comparison with a real person’s experiences. These professions have individual pros/cons that add value to the security industry as a whole. It’s not uncommon to meet … Read more
“Is that a new breach? Or is it the same one we’re still talking about?” If you think you’re hearing about a company getting hacked almost every day, that’s because you’re paying attention; there were over 1,300 significantly damaging breaches of large businesses last year. That’s more than three per day on average, and that’s … Read more
Over a year ago, workforces across the globe were required to work from home to ensure their safety during the pandemic. This meant that IT administrators spent a majority of 2020 trying to figure out the best way to connect a distributed workforce while maintaining the overall security of their organization’s network. The organizations that … Read more
StandHogg Hits Google Store According to Forbes, Google Android Threats continue to permeate through malware ridden apps that may affect many Android users. Researchers at the Norwegian app security company Promon claim that safe apps can be corrupted through dangerous vulnerabilities. In this particular case, the vulnerability, being dubbed “StrandHogg”, allows dangerous malware to pose … Read more
Hacking has become ubiquitous on the internet. With even major companies like Evernote getting hacked, it’s not hard to imagine that you, an individual, could also get hacked. The experience is actually quite common, though that does not necessarily make it any less distressing. You are left feeling confused, with no idea what you should … Read more
A network intrusion refers to any forcible or unauthorized activity on a digital network. These unauthorized activities almost always imperil the security of networks and their data. Nowadays, online brands and companies are the usual subjects of these attacks. However, to properly deal with this, organizations should have a cybersecurity team in place. This will … Read more
