Blog

2 Mar, 2018

Open Source Server Side e-mail Scanner

By |Uncategorized|0 Comments

Clam AntiVirus is an anti-virus toolkit, designed especially for e-mail scanning on mail gateways. It provides a multi-threaded daemon, a command line scanner, and an advanced tool for automatic database updating via Internet. The ClamAV engine can be reliably used to detect several kinds of files. In particular, some phishing emails can be detected using [...]

28 Feb, 2018

How SAML Flaw bypasses password using Single-Sign-On

By |Uncategorized|0 Comments

A newly discovered vulnerability lets attackers take advantage of single sign-on (SSO) systems relying on Security Assertion Markup Language (SAML) and authenticate as another user without knowing his or her password. Step one of SSO authentication is via the Identity Provider (IdP), which checks usernames and passwords, verifies account status, and prompts two-factor authentication. The [...]

9 Jan, 2018

Importance of Vulnerability Management

By |Uncategorized|0 Comments

The number of attacks like the recent one against Equifax have risen dramatically in the last few years, resulting in the exposure of hundreds of millions of private records. Almost without exception there has been some fundamental flaw related to configuration or patching of systems. This trend will continue without systems designed to automatically identify, [...]

8 Jan, 2018

Planning for Disaster Recovery

By |Uncategorized|0 Comments

Given the constant and connected nature of software driven businesses, customers and users have grown to be less forgiving and more fickle with their attention. An outage in a single service can impact all of its users. An outage in a multi-tenant platform has an exponential impact as it impacts the users of all the [...]

6 Jan, 2018

CPU Exploits: Understanding Meltdown & Spectre

By |Uncategorized|0 Comments

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. Security researchers working for Google’s Project Zero group, along with other research groups and academic institutions, have discovered a series of far-ranging security risks involving speculative execution. Speculative execution is one [...]

3 Jan, 2018

Serverless computing

By |Uncategorized|0 Comments

How does renting computing horsepower sound. Rather than taking the complications of designing and managing cloud architecture, some CIOs are going “serverless.” With serverless computing, cloud instances are no longer allocated, only to sit idle until called upon to fuel applications and other functions. Rather, resources are provisioned only when a specific event occurs. When [...]

3 Jan, 2018

Lack of C-level Oversight in Security

By |Uncategorized|0 Comments

Despite all the attention that massive hacks and other breaches have attracted in recent years, organizations everywhere still struggle to comprehend the scale of and manage emerging cyber-risks. Of the more than 9,500 senior executives in 122 countries who participated in PricewaterhouseCoopers' Global State of Information Security Survey (GSISS) 2018, only 39% say they are [...]

31 Dec, 2017

Financial Impact of Cyber Threats

By |Cybersecurity, General|0 Comments

The WannaCry and NotPetya ransomware epidemics demonstrated how quickly malware can spread across the globe and cripple businesses. Their impact extended beyond traditional IT infrastructure into operational systems used to control industrial, manufacturing, and critical infrastructures. The scale of these incidents is forcing organizations to consider the financial impact and business exposure associated with cyber [...]

30 Dec, 2017

Top cloud security threats for 2018

By |Cloud, Cybersecurity, General|0 Comments

Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads. It has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. Contrary to what many might think, [...]