How to Fix Improper Application of ASLR
Recently, it has been reported that Windows 8, 8.1 and 10 fail to properly implement ASLR. Address Space Layout Randomization (ASLR) is a security technique used to prevent the exploitation of memory ...
Posts for category: Best Practices
Huge Flaw Discovered in Microsoft Office
In this month’s Patch Tuesday, Microsoft patched a massive vulnerability affecting all Microsoft Office versions released in the past 17 years that allows for malicious code execution. The ...
New Windows 10 Standards for Secure Devices
Earlier this week, Microsoft published an article detailing the new Windows 10 standards consumers should follow to have a secure device, specifically for the Fall Creators Update. The standards ...
Recently, there have been reports of different websites leveraging their user’s browsers to mine cryptocurrencies. Researchers at AdGuard decided to try and evaluate the scale and impact of this ...
MS Office DDE Exploit/BadRabbit Ransomware
Over the past few weeks there have been reports of attackers exploiting a built-in Microsoft Office feature and leveraging it in several large malware campaigns. The feature being exploited is called ...
KRACK/Lessen the chances of shoulder surfing
Earlier this week, a critical vulnerability in WPA2 was exposed to the public. Security researchers found that WPA2 can be abused to eavesdrop on traffic users believe to be encrypted. The attack, ...
OnePlus Data Collection Practice/Apple ID Phishing
Earlier this week, security researcher Christopher Moore published a blog post detailing the questionable data collection practice of OnePlus. OnePlus is a smartphone manufacturer based in Shenzhen, ...
EFI Firmware Vulnerabilities Present in Millions of Up-to-Date Macs
Researchers at Duo found that Mac users who have kept up with security updates may be much more vulnerable than they expect. During their research, Duo analyzed over 73,000 Macs and discovered that ...
Disaster Recovery Best Practices
TeraGo released a white paper detailing disaster recovery best practices. They performed a survey in partnership with IDC Canada of different Canadian organizations’ disaster recovery plans and ...
Thousands of ElasticSearch Servers Compromised
Researchers at the Kromtech Security Center have found around 15,000 unsecure Elasticsearch servers with more than 4,000 of those hosting point-of-sale (POS) malware. Among these 4,000 servers, 99% ...