FIDO2 is an open authentication standard that enables users to log in to online services without using a password. It uses public key cryptography to provide strong authentication that is resistant to phishing and other online attacks. To use FIDO2, you will need a compatible device and an account with a service that supports FIDO2 […]
The researchers from 0Patch have discovered a vulnerability on all Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2022. The vulnerability allows an attacker to obtain user’s NTLM credentials by simply having the user view a malicious file in Windows Explorer. This vulnerability […]
SonicWall SMA 100 is a secure remote access solution designed for small and medium businesses (SMBs) with 50-100 employees. It allows authorized users to securely access corporate resources from anywhere, using any device, while ensuring that only trusted users and devices are granted access. The solution can be deployed on-prem, in cloud and also as […]
An attack surface is the sum total of all the potential points of entry that an attacker can exploit to gain unauthorized access to a system, network, or organization. These points of entry can be physical or digital, and they can include vulnerabilities in software, hardware, networks, or human processes. Infrastructure documentation is crucial for […]
Cybersecurity threats are a growing concern, and the holiday season is no exception In fact, cybercriminals often take advantage of the increased online activity and relaxed security measures during this time to launch their attacks. You might remember some of events such as “Leaksmas” when in the days leading up to Christmas, cybercriminals leaked […]
Artificial Intelligence (AI) and Blockchain are two of the most transformative technologies of our time, each with the potential to revolutionize industries and reshape society. When combined with the power of Large Language Models (LLMs), they create a potent synergy that is both exciting and concerning. Some of most notable solutions and frameworks are: TensorFlow, […]
The CIS Critical Security Controls Navigator is a free interactive tool that provides detailed mapping information for both CIS Controls version 7.1 and version 8. This tool makes it easy for organizations to explore how the CIS Controls align with various standards and frameworks. How to use it: Features and Benefits: Additional Resources: Conclusion: The […]
Sender Policy Framework (SPF) is a critical email authentication protocol that helps prevent email spoofing. However, misconfigurations in SPF records can lead to several issues, impacting email deliverability and security. The ~all Qualifier The ~all qualifier in an SPF record is a critical element that determines how receiving mail servers should handle emails that don’t […]
The MITRE ATT&CK framework has become an indispensable tool for both defenders and attackers in the cybersecurity landscape. This comprehensive knowledge base, developed by the MITRE Corporation, provides a standardized taxonomy of adversary tactics, techniques, and procedures (TTPs). By understanding how attackers operate, organizations can enhance their security posture and proactively defend against threats. Why […]
In today’s digital age, cybersecurity threats are more prevalent than ever. Organizations of all sizes, from small businesses to large enterprises, are at risk of cyberattacks that can lead to data breaches, financial loss, and reputational damage. To mitigate these risks, it’s crucial to implement robust security measures. One effective approach is to adopt the […]
