Security

1 min read

Vulnerability discovered by Aleksandar Nikolic of Talos. Talos has identified an information disclosure vulnerability in Foxit PDF Reader (TALOS-2016-0201/CVE-2016-8334). A wrongly bounded call to `memcpy`, while parsing jbig2 segments within a PDF file, can be triggered in Foxit PDF Reader causing an out-of-bounds heap memory to be read into a buffer. The `memcpy` call is properly […]

2 min read

In April we covered the description of Email Spoofing using Microsoft Outlook, but what about detecting and mitigating it on the Mail Transfer Agent (MTA)? There are multiple technologies that have attempted to address the issues surrounding spoofed emails on the MTA, but they all have shortcomings that can limit their usefulness. DKIM, or Domain […]

4 min read

On or Off the Clock, Staying Cyber Secure is a New Fact of Life  Cybersecurity has always been a major concern for workplace networks. But, increasingly, it is top of...

3 min read

Thanks to DigiCert for their contributions co-authoring this post. Interoperability for technology solutions is a top priority—standards used in these solutions become irrelevant when products operate in a silo. Thus, shifting to a new protocol in any solution takes careful consideration and collaboration by multiple parties in order to achieve a seamless operation. One such […]

4 min read

As groups around the world continue the conversation around cybersecurity – we’re at the midway point of National Cyber Security Awareness Month (#NCSAM) in the U.S. and European Cyber Security...

1 min read

      Locky has continued to evolve since its inception in February 2016. This has made it difficult to track at times due to changes in the way in which it’s distributed as well as various characteristics of the malware itself. The actors responsible for Locky have continuously attempted to improve operational security (OpSec) […]

2 min read

Picture in your mind a typical US federal agency. Go ahead, close your eyes and imagine it. Seriously, do it. As you think about that agency, pick the...

1 min read

Patch Tuesday has once again arrived! Microsoft’s monthly release of security bulletins to address vulnerabilities provides fixes for 37 newly disclosed security flaws. Today’s release sees a total of 10 bulletins with five of the bulletins rated critical, addressing vulnerabilities in Edge, Graphics Component, Internet Explorer, Video Control, and Adobe Flash Player. Four bulletins are […]

3 min read

People are a core component of an organization’s protection efforts, and organizations should place employees at the center of their security efforts.