DOJ Releases Bug Bounty Framework
The importance of vulnerability disclosure programs (aka bug bounty programs) has become apparent recently for many organizations. They are noticing that these programs are very viable ways to find ...
Posts for category: Best Practices Weekly Summaries
Google Play Protect/New IoT Bill Proposal
Google Play Protect Over the past couple weeks Google has been rolling out a safeguard on Play Services 11 and up against malicious apps on Android devices. This new security suite is called ...
Bad Taste Code Injection Vulnerability
What is it? Last week a code injection vulnerability was discovered in the thumbnail handler component of GNOME Files file manager. If a machine was compromised the attacker would be able to ...
Increasing amount of vulnerable Amazon Web Services servers
What is it? Recently, there have been reports of Amazon Web Services storage servers leaking customer data due to misconfigurations. These reports were concerning Verizon, a California auto loan ...
Windows NTLM Zero-Day Vulnerability
What is it? Microsoft released patches on Tuesday that fixed a serious privilege escalation vulnerability CVE-2017-8563 which affects all Windows operating systems released since 2007. Two NT Lan ...
Weekly Executive Summary for Week of July 7, 2017
Creators Update Ransomware Protection In September or October of 2017 Microsoft will be releasing the Windows 10 Creators Update. Along with this update is a new protection against ransomware ...
Weekly Executive Summary for Week of June 30, 2017
ExPetr Wiper Malware What is it? A new variation of Petya malware has spread across the world and infected Windows PCs used in critical industries. It is thought to have initially spread via ...
Weekly Executive Summary for Week of June 23, 2017
Nigerian Business Email Compromise Attacks What is it? Over the past several months, researchers at Kaspersky have seen over 500 companies in 50 countries get attacked by Nigerian phishing ...
Weekly Executive Summary For Week of June 16, 2017
Securing your home router When it comes to home network security, many people do not realize how vulnerable their routers are. Listed below are some ways you can secure your home router. Keep in ...
Weekly Executive Summary For Week of June 9, 2017
Fireball Adware Infects 250 Million What is it? Researchers at Check Point have discovered that Rafotech, a Chinese digital marketing company, has been running a massive adware campaign that has ...