Penetration testing, also known as pen testing, is the practice of simulating a cyber attack on a computer system, network, or web application to test its defenses and identify vulnerabilities that an attacker could exploit. There are two main types of penetration tests: internal and external. Internal penetration tests focus on testing the security of
Read More
The ubiquitous nature of Log4j is part of what makes CVE-2021-44228 so dangerous. Millions of applications, such as iCloud, Steam, and Minecraft, use Log4j for logging. An attacker simply needs to get the app to log a special string to successfully exploit this vulnerability.
Read More
Key cloud security takeaways from RSA 2022 include the need to shore up cloud application security, consolidate tools and mitigate cybersecurity skills shortages, according to ESG
Read More
CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory
Read More