How to reserve a CVE: From vulnerability discovery to disclosure
A CVE, meaning Common Vulnerabilities and Exposure, is a publicly reported vulnerability in software products. Vulnerabilities are assigned CVE IDs to ensure...
Vulnerabilities
SonicWall firewall VPN vulnerability (CVE-2020-5135): Overview and technical walkthrough
A critical stack-based buffer overflow vulnerability was discovered in SonicWall Network Security Appliance (NSA) VPN. In this article, we will address the...
Zerologon CVE-2020-1472: Technical overview and walkthrough
Zerologon is the name of an elevation of privilege vulnerability in which an attacker establishes a vulnerable Netlogon secure channel connection to a Domain...
Software vulnerability patching best practices: Patch everything, even if vendors downplay risks
Software vulnerability continues to be a challenging cybersecurity risk. Cybercriminals are able to seize on these vulnerabilities and breach systems. The...
What is a vulnerability disclosure policy (VDP)?
The vulnerability disclosure policy, or VDP, may be a term that you have heard thrown around at work, in an elevator, at an event and not knowing what it...
MITRE Shield: An active defense and adversary engagement knowledge base
When it comes to collecting tips, tricks and workarounds, it is easy to see quickly that certain concepts and methods are strong against particular setups,...
Common Vulnerability Assessment Types
A vulnerability assessment is a process so complicated that it often requires a comprehensive approach. This would mean that a multiple sub-assessments are...
Common Security Threats Discovered Through Vulnerability Assessments
A vulnerability assessment can efficiently highlight a huge number of diverse security issues. Here are our top 10 security threats that companies may stumble...
Android vulnerability allows attackers to spoof any phone number
Because many employees use mobile devices for work, the widespread use of mobile devices has come to put company networks at risk for cyberattacks. Every...
Malicious Docker images: How to detect vulnerabilities and mitigate risk
Shortcuts are popular because they are more convenient and take less time. Developers have started using Docker because it allows you to place all elements...