In Part 3, CrowdStrike’s Endpoint Protection Content Research Team covered the finer points of Input/Output Control (IOCTL) usage by various wipers. The fourth and final part of the wiper series covers some of the rarely used “helper” techniques implemented by wipers, which achieve secondary goals or facilitate a smaller portion of the wiping process.

WebAuthn technology is pivotal to passwordless authentication. When implemented correctly, the specification makes it simple and secure to sign in to accounts without entering a traditional password.

Online safety is second nature for some — but it’s not easy for everyone to stay up to date with the latest security advice. Whether you use the internet to stay in touch with friends and family, play games, or meet new people, everyone needs to know how to stay safe online. October is Cybersecurity Awareness Month — so there’s no better time to brush up on online safety.

Schools and non-profits share the same problem when it comes to cybersecurity budgeting: limited resources which forces a choice between staff with the right expertise and effective tools that work for the organisation.

Previously published blog post: Recently, Arctic Wolf observed threat actors begin exploiting CVE-2022-40684, a critical remote authentication bypass vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager.

If you’re like me, you really appreciate a test automation step as part of your pull request (PR) CI for that added confidence before merging code. I want to show you how to add Playwright tests to your PRs and how to tie it all together with a GitHub Actions CI workflow.