Update 10/4/2022 – Microsoft updated their blog with three mitigation options. 10/8/2022 – Updated mitigations. A correction was made to the string in step 6
This is part 1 of a 3 part series on preparing for, preventing, and responding to Business Email Compromise Part 2 – Business Email Compromise
On July 29th, 2022, The New York State Department of Financial Services (NY DFS) published pre-proposal amendments to their landmark Cybersecurity Regulation, 23 NYCRR 500.
On July 29th, 2022, The New York State Department of Financial Services (NY DFS) published pre-proposal amendments to their landmark Cybersecurity Regulation, 23 NYCRR 500.
Did you know that the new GLBA Safeguards Rule take effect in just 5 short months? That’s right. As of December 9th, 2022, financial institutions
Did you know that the new GLBA Safeguards Rule that takes effect in December 2022 includes new requirements for technical security assessments? If you’re a
Background Customers often have questions about their upcoming external network penetration test. Many times our analysts are asked: What systems will be affected? Will this
Description Spring4Shell, or CVE-2022-22965, is a RCE (remote code execution) flaw in the “Spring framework”. Spring, as it is commonly known, is an open-source application
Introduction Understanding the difference between a penetration test and a vulnerability assessment is critical to understanding security posture and managing risk. Vulnerability assessments and Penetration
