About Us | Contact Us
View Cart
Archive for 'Vulnerability News' Category

New Vulnerabilities Found and Patched in LastPass

By Vigilize - Last updated: Wednesday, August 3, 2016

An article review. Attackers could have used the exploits to compromise users’ password vaults and execute code on affected machines Last week security researchers independently reported two major flaws in LastPass, a popular password management application with users numbering in the millions. While one exploit had been patched for over a year before being disclosed, […]


Windows 10 Exploit Could Let Malware In

By Vigilize - Last updated: Wednesday, August 3, 2016

An article review. The User Account Control bug allowed for malicious code to run with the highest privileges While Windows 10 promises to be the most secure version of the operating system yet, it’s not entirely free from bugs as security researchers pointed out recently. The new exploit targets the Disk Cleanup and Silent Cleanup functions […]


New Top Level Domains Could Expose Companies To Risk

By Vigilize - Last updated: Wednesday, June 15, 2016

An article review. Opportunistic hackers could register new TLDs hoping to prey on misdirected internal traffic   The US Computer Emergency Readiness Team (US-CERT) recently issued a statement for organizations who use top level domain names to route internal traffic, warning that misconfigured proxy servers could route requests for those names to newly registered external […]


Malware Uses Windows Service To Reinstall Itself

By Vigilize - Last updated: Friday, June 10, 2016

An article review. Even after removal, a hijhacked service can reinfect machines targeted with a new technique News of a new malware technique comes from our friend Wes Pollard at Home Bank, who sent us an article about this interesting new threat. Researchers at SecureWorks discovered the malware while responding to a customer incident last […]


Verizon Releases 2015 Data Breach Investigation Report

By Vigilize - Last updated: Monday, April 20, 2015

An article review. Great insights to help you better manage risk Each year the security folks at Verizon partner up with companies around the world to collect, analyze and report on data breaches. This year, their report is 70 pages full of explanations, graphs, charts and statistics. We hope to highlight some of the main […]


Windows Susceptible to FREAK Attack After All

By Vigilize - Last updated: Sunday, March 22, 2015

An article review. Microsoft admits that Internet Explorer is vulnerable to HTTPS hack Earlier this month, Microsoft announced that any Windows computer running any version of Internet Explorer is vulnerable to a FREAK attack. Now the FREAK vulnerability has been around for years; however, it was believed to only affect certain browsers and devices, like […]


Keep Your BYOD Policy Updated

By Vigilize - Last updated: Wednesday, March 18, 2015

An article review. New Device automates iOS Pin Hacking Many companies have Bring Your Own Device policies in place, where employees are allowed to bring their own PCs or mobile devices into the workplace or have business utilities, like email, setup on their personal devices. They also usually have extensive policies allowing remote wiping, etc. […]


The American Monkey Trap

By Dan Hadaway - Last updated: Friday, March 6, 2015

Coming Soon To (or is it from) a Frustrated User Near You! An article about how we 21st Century Americans have been taught to tolerate technologies that do not work. And how that tolerance alone substantially increases risk. And about how we do NOT have to use technology if we can’t find the time to make it “sing.”


Data Leakage Without a Cause

By Dan Hadaway - Last updated: Tuesday, February 24, 2015

If we are going to allow users to “harden” their endpoints, we had better be providing more robust “awareness training” about the risks that come with new assets.


Low-Tech Attack Vector Highly Successful

By Vigilize - Last updated: Sunday, February 22, 2015

An article review. Visual Hacking proves to be extremely effective A recent study conducted by the Ponemon Institute involved some simple experimentation with some alarming results. The researchers showed up as temporary employees at 43 offices operated by 7 large corporations. The corporations had originally agreed to be part of the research. Additionally, management knew […]