DoubleClickJacking: The New Threat Businesses Need to Know
By: Karrie Westmoreland
Cybersecurity
Blog,
Cybersecurity,
Vulnerability
Embracing Continuous Compliance: Insights from Industry Experts
In a recent webinar hosted by iFlock in collaboration with Drata and Auditwerx, security experts gathered to discuss the essential role of continuous compliance in cybersecurity. The session, led by industry veterans Barbara Butler from iFlock, Morgan Cumiskey from Drata, and Tim Cunningham from Auditwerx, provided a deep dive into why maintaining...
Share this:
Blog,
Cybersecurity,
Vulnerability
Strengthening Cybersecurity Through Effective Third-Party Risk Management (TPRM)
In the recent iFlock webinar titled "Navigating the Tides: Safeguarding Your Organization Through Third-Party Risk Management (TPRM)," leading industry experts Barbara Butler, iFlock, Morgan Cumiskey, Drata, and Tim Cunningham, Auditwerx delved into the third-party risk management (TPRM). Here are the key takeaways from the discussion.
Share this:
Blog,
Insider,
Cybersecurity
Understanding Windows Privilege Escalation: Why It Should Concern You
Hey there! In today's tech-savvy world, staying on top of your cybersecurity game is more important than ever. Windows privilege escalation is one aspect that often flies under the radar but can have major consequences. But wait, why should you even care? It’s like leaving your backdoor unlocked while you focus on the front; you might not think...
Share this:
Cybersecurity
Active Directory Password Audits: A Key to Compliance with PCI DSS 4.0
In the ever-evolving cybersecurity landscape, safeguarding sensitive data remains paramount for organizations, especially those handling payment card information. The introduction of Payment Card Industry Data Security Standard (PCI DSS) 4.0 has brought with it a set of enhanced requirements aimed at strengthening data security. One significant...
Share this:
Blog,
Cybersecurity
You Don't Have to Do a Caviar Bump to Understand Phish
In the whirlwind world of TikTok trends, a peculiar one has recently made waves - the "caviar bump," where individuals daringly lick fish eggs off the back of their hand. While this may sound bizarre, it's a vivid example of how quickly trends can spread and be adopted without much thought. This parallels another, more serious phenomenon in the...
Share this:
Blog,
Cybersecurity
The Benefits of Phishing Awareness: Cybersecurity Education
Unmasking the Unthinkable: How Phishing Can Be Good for You! Spoiler Alert: Before you grab your pitchforks, let's clarify. We're not advocating for the notorious cybercrime known as phishing. Instead, let's explore how understanding and experiencing phishing in a controlled environment can be surprisingly beneficial. Think of it as a...
Share this:
Blog,
RCE,
Vulnerability
Urgent Security Alert: Critical Flaws in GitLab Require Immediate Action
Urgent Security Breach in GitLab: Immediate Action Required TLP: CLEAR
Share this:
Blog,
Vulnerability,
PoC
Understanding CVE-2022-39952 and its Impact on Fortinet FortiNAC
In today's world, network security is more critical than ever. Unfortunately, vulnerabilities such as CVE-2022-39952 can lead to severe consequences. This vulnerability affects Fortinet FortiNAC, a leading network access control solution, and allows attackers to execute arbitrary commands as an administrator on the affected system. Let's take a...
Share this:
Blog,
Cybersecurity,
Vulnerability
A Deep Dive into the Windows NTLM Privilege Escalation Flaw: CVE-2023-21746
Introduction: Windows NTLM is a commonly used authentication protocol for Windows networks. However, a recent proof of concept (POC) has demonstrated a serious vulnerability in the protocol that could allow attackers to escalate their privileges and gain unauthorized access to sensitive information. This vulnerability, known as CVE-2023-21746, is...