cmartin, Author at Security Boulevard

How To Manage the Pen Testing Skills Shortage

|
Language English Penetration testingAccording to the 2020 Pen Testing Report, 97% of cybersecurity professionals surveyed felt that penetration testing was somewhat important or important to their organization’s security posture, with 95% also reporting that penetration testing was at least somewhat important to their compliance initiatives ... Read More

Breached Organization uses Network Insight to Pinpoint Source of Infection

|
breached-org-network-insight-success-700x350.jpg Language English Network InsightA Core Security partner was contacted by a large institution with what is becoming an all too common problem: they had suffered a massive breach from an advanced persistent threat (APT), and they wanted to make sure it never happened again. Read on to find out ... Read More

Pen Testing Stories from the Field: Combining Tools to Take Over an Entire Domain

|
Language English Penetration testingThere is no single set of instructions on how to run a penetration test, and no one manual on how to be a pen tester. The only real constant is that each job is a combination of preparation and improvisation to adapt and adjust to each environment’s ... Read More

Four Network Security Challenges for Organizations with a Remote Workforce

|
cs-preventing-ransomware-with-a-remote-workface-700x350.png Language English Network InsightRecently, the need for being able to work remotely has dominated the news, making it clear that the ability to connect from anywhere may soon become the norm for more businesses and industries than ever before. While remote work may be coveted by many employees, it ... Read More
Common Security Concerns and How to Reduce Your Risk

Common Security Concerns and How to Reduce Your Risk

|
cs-pen-testing-survey-webinar-blog-700x350.jpg Language English Cyber Risk Identity and Access Management Password Penetration testing Privileged Account Management SIEM ... Read More

Three Lessons Learned From A Data Breach

|
cs-blog-lessons-learned-700x350.jpg Language Undefined Antivirus Identity and Access Management Network Insight Penetration testing SIEMData breaches have been plaguing organizations for years, and the numbers continue to climb. After a breach, an organization goes into survival mode—trying to recover data, reestablish trust, and ensure they can keep their business running. It’s understandable ... Read More
Dejablue Vulnerabilities in Windows 7 to Windows 10 [CVE-2019-1181 and CVE-2019-1182]

Dejablue Vulnerabilities in Windows 7 to Windows 10 [CVE-2019-1181 and CVE-2019-1182]

|
Language English Latest from CoreLabsCore Labs has completed an in-depth analysis of two Microsoft vulnerabilities, CVE-2019-1181 and CVE-2019-1182, which were patched in August 2019. These vulnerabilities are particularly interesting and worth further assessment because they affect OS versions ranging from Windows 7 to Windows 10 1903 (x86, x86-64 and ARM64) ... Read More

How Phishing Has Evolved and Three Ways to Prevent Attacks

|
cs-phishing-prevent-attacks-blog-700x350.jpg Language English Penetration testingThe term “phishing” can be traced back to 1996, when it was used to reference a group of attackers that were imitating AOL employees using AOL messenger, asking people to verify their accounts or billing information. Many unsuspecting users fell prey to this scam purely due ... Read More

What is Zeppelin Ransomware? Steps to Prepare, Respond, and Prevent Infection

|
cs-cts-zeppelin-ransomware-article-700x350.jpg Language English Network Insight Penetration testingZeppelin is the latest member of the VegaLocker ransomware family, which also contains strains like Jamper, Storm, or Buran. Zeppelin is an example of well-organized threat actors, as those behind Zeppelin have been incredibly strategic in carefully targeting these ransomware attacks. First spotted in ... Read More

Exploiting Citrix Application Delivery Controller (ADC) and Gateway CVE-2019-19781 with Core Impact

|
Language English Penetration testingA Core Impact module was released on January 14, 2020 to exploit an as-yet unpatched patch traversal flaw in Citrix Application Delivery Controller (ADC) and Gateway (formerly known as NetScaler ADC & NetScaler Gateway) identified as CVE-2019-19781 ... Read More