A cyber attack or data breach is a threat to every business. Still, it can be more devastating for small businesses as they face numerous challenges, including cash inflow, competition, employee retention, limited funding, supply chain and other business problems simultaneously, making it difficult for them to survive.
Cyber threat actors are becoming more and more efficient. They are targeting software and applications that are used by organizations globally. One recent example of this is the ESXIargs mass ransomware campaign which targeted a zero-day vulnerability in ESXi. So far this year, it has been reported that over 3,000 ESXi servers and countless virtual machines globally have been impacted by this campaign in the last two months.
Security testing is increasingly viewed as an essential part of the software development lifecycle (SDLC). Traditionally, agile software development has focused on development velocity, rapid market feedback, and delivering high quality products and services. However, software that's vulnerable to cyber attacks is not valuable to end users and creates huge risks for both customers and software vendors. This makes it critical to integrate security testing into the software development process.
Commonly referred to as Zerologon, CVE-2020-1472 is the Common Vulnerabilities and Exposures (CVE) identifier assigned to a vulnerability in Microsoft’s Netlogon Remote Protocol (MS-NRPC). MS-NRPC is essential for authentication of both user and machine accounts in Active Directory.
Adversaries use multiple techniques to identify and exploit weaknesses in Active Directory (AD) to gain access to critical systems and data. This blog post explores 3 ways they use PowerShell PowerSploit to elevate or abuse permissions, and offers effective strategies for protecting against them.
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
