Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization’s IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used […]
Security
Use iPhone as Physical Security Key to Protect Your Google Accounts
Great news for iOS users! You can now your iPhone or iPad, running iOS 10 or later, as a physical security key for securely logging into your Google account as part of the Advanced Protection Program for two-factor authentication. Android users have had this feature on their smartphones since last year, but now Apple product […]
Download Ultimate ‘Security for Management’ Presentation Template
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, […]
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA
After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What’s so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component […]
Adobe Releases First 2020 Patch Tuesday Software Updates
Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It’s the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users. Moreover, none of the security […]
Download The Ultimate ‘Security for Management’ Presentation Template
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, […]
PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix’s NetScaler ADC and […]
Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!
Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla’s website. Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a […]
Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS
TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users’ privacy, censoring politically controversial content and on national-security grounds—but it’s not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers […]
3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group
Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store—you have been hacked and being tracked. These newly detected malicious Android apps are Camero, FileCrypt, and callCam that are believed to be linked to Sidewinder APT, a sophisticated […]