Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Windows Server 2012 End of Life

Windows Server 2012 is the sixth version of the Windows Server operating system by Microsoft, part of the Windows NT family of operating systems. At the time, Windows Server 2012 brought forth an array of enhanced features and refinements, and over the years, it stood as a cornerstone for many organisations, providing a bedrock of reliability, scalability, and adaptability to accommodate applications and workloads.

CVE-2023-38035: Critical Authentication Bypass Vulnerability in Ivanti Sentry

On August 21, 2023, Ivanti published a knowledge base article on a critical authentication bypass vulnerability impacting Ivanti Sentry (CVE-2023-38035). For this vulnerability to be exploited, the System Management Portal, which is hosted on port 8443 by default, must be exposed to the internet. Successful exploitation of this vulnerability could lead to a remote unauthenticated threat actor making configuration changes to the server and the underlying Operating System (OS) as root.

Streamline dependency updates with Mergify and Snyk

Managing dependencies for a project is a task that requires consistent effort and attention. Surely, you’ve found yourself concerned about any of the following while maintaining a project: Luckily, we’ve been able to use GitHub bots to automate dependency management to an extent with solutions like Dependabot and GreenKeeper. However, these bots mostly automate the creation of a new code pull request that proposes the changes to be made.

The SEC's New Cybersecurity Regulations: Understanding the Impact for Companies & Their Shareholders

The increasing sophistication and frequency of cyber threats have exposed companies to significant risks, including data breaches, financial losses, and reputational damage. Investors have become deeply concerned that these risks can negatively impact their investment decisions. As we have previously discussed, companies and their shareholders must tackle the significant and constantly changing challenge of understanding cybersecurity risk.

Missouri's Medicaid Program and Mizzou Impacted By Recent Data Breaches

The state of Missouri's low-income Medicaid program, run through the Department of Social Services, is responsible for offering medical insurance to Missourians in need. The program ensures that citizens have access to reliable healthcare with minimal costs to them. The University of Missouri, or Mizzou, is a public research institute that was founded in 1839 and serves as Missouri's largest university. Both of these programs were attacked in the recent MOVEit data breach.

In the Alleys of Black Hat and DEF CON 2023: The Quiet API Security Crisis

The neon lights of Black Hat and DEF CON, with their flashing demos and groundbreaking presentations, often dazzle attendees and cyber enthusiasts alike. From AI-driven hacking tools to quantum encryption, the subjects covered span a vast spectrum. However, as with any vibrant city, these include areas of risk and concern. For Black Hat 2023 events, APIs are core to these areas.

Maximizing Efficiency and Effectiveness with ThreatQ Investigations

Organizations in all industries are facing an ever-increasing number of cyber threats. To combat these threats, security teams need to be equipped with powerful tools and technologies that enable them to conduct efficient and effective investigations. We will explore the key features and benefits of ThreatQ Investigations and how it can help security teams stay one step ahead of cyber threats.

What Is Ransomware: Internet Survival Strategies

As an Internet user, you may face various terrible cases of data theft or illegal intrusion by third parties into your personal virtual space. Of course, any attack on your device is unpleasant, but in some situations, a ransomware attack can have immense consequences for you and your data. This is why we are talking about one of the possible types of cybercrimes that threaten our digital safety: ransomware attacks. Ransomware is a category of malware that enables hackers to access their target's files.

Why No Business in 2023 Can Grow without APIs

Businesses of all sizes are increasingly relying on APIs to connect with their customers, partners, and other systems. APIs, or application programming interfaces, are the building blocks of the modern web, and they allow businesses to share data and functionality in a secure and efficient way. Without APIs, businesses are limited in their ability to innovate and grow. They lack the ability to integrate with other systems, create new products and services, or reach new markets.