Blog
It is no secret that wildly different political views aside, the threat of foreign and even domestic interference in the 2020 U.S. presidential elections is dominating our politics in advance
When CyberOne began research into the vulnerability identified in the F5 TMUI RCE vulnerability advisory, we initially started by reading the advisory and mitigation steps, which contained minimal details but
Many organizations are shocked to learn their systems have been breached, with attackers having exposed vulnerabilities. However, you can defend your organization against these threats by taking some proactive measures.
Versions Tested: GlobalProtect App < 5.1.4 on Windows GlobalProtect App < 5.0.10 on Windows Product: https://www.paloaltonetworks.com/products/globalprotect Security Advisories: https://security.paloaltonetworks.com/CVE-2020-2032 CVE Numbers: CVE-2020-2032 CVSS Score: 7.0 CWE: CWE-367 Time-of-check Time-of-use (TOCTOU)
Missing HttpOnly flags on cookies are a common finding in Web Application penetration testing. Many times, there is confusion surrounding whether it is necessary to enable this flag though. However,
Versions Tested: VMware Fusion 11.5.3 Products: https://www.vmware.com/products/fusion.html https://docs.vmware.com/en/VMware-Remote-Console/index.html https://docs.vmware.com/en/VMware-Horizon-Client/index.html Security Advisories: https://www.vmware.com/security/advisories/VMSA-2020-0011.html CVE Number(s): CVE-2020-3957 CVSS Score: 7.3 CWE: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-424: Improper Protection of Alternate
Breaches are a fact of life for every business. However, it is possible to stop breaches and improve your security posture by taking a proactive approach to your incident response
Discussions about contact tracing have been ongoing since February 2020, when some experts began looking ahead at how to move through the global COVID-19 pandemic. What Is Contact Tracing? Contact
One thing is clear: no one is safe from ransomware attacks. What is changing, however, are attack modes as threat actors adjust their methods based on evolving mitigation methods being