Internal Penetration Test Archives - Page 2 of 3

Urgent Vulnerability Notice: Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance ERS

Michelle Drolet

What You Need to Know: A ransomware attack was deployed against an unnamed target, using Mitel’s VoIP appliance an entry point. CVE-2022-29499 is actively being used by attackers to achieve remote code execution and to gain initial access to their victim’s environment. The vulnerability is rated 9.8 in severity on the CVSS vulnerability scoring system.

2 Minute 48 Second Read

Urgent Vulnerability Notice: VMware Vulnerabilities Found in Multiple Products

Michelle Drolet

What You Need to Know: Today, VMware issued patches for two security flaws discovered in Workspace ONE Access, Identity Manager, and vRealize Automation. The vulnerabilities are tracked as CVE-2022-22972 and CVE-2022-22973 and could be exploited to backdoor enterprise networks. The first vulnerability, CVE-2022-22972 has a critical CVSS score of 9.8 and is an authentication bypass

3 Minute 39 Second Read

Urgent Vulnerability Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine

Michelle Drolet

What You Need to Know: This week, ESET researchers discovered three new cyberattacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper. There is a new exploit, HermeticWizard, which spreads HermeticWiper across local networks via WMI and SMB. HermeticWizard is a worm that was deployed on a Ukrainian system on February 23, 2022. The malware starts by trying

6 Minute 13 Second Read

Urgent Vulnerability Notice: Log4Shell

Michelle Drolet

What You Need to Know: Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell. Log4j is a Java-based open-source library used by apps and services, and the newly found vulnerability could allow an attacker to compromise millions of devices across the

3 Minute 48 Second Read

VCISO: A Pragmatic Path To Cybersecurity In Pandemic Times And Beyond

Michelle Drolet

Covid-19 has disrupted our lives and caused a lot of stress and panic globally. Even though lockdowns may be relaxing, cyber-attacks are showing no signs of slowing down. The pandemic has created the perfect environment for hacktivists to strike with a high degree of success. Let’s understand the top five reasons for this: 1. Expanding

4 Minute 37 Second Read

What Exactly Is Automated Penetration Testing? – 2/27/19

Michelle Drolet

What Exactly Is Automated Penetration Testing? Software-based penetration testing is here! Learn how leading companies are taking advantage of this new technology to drive cost-effective remediation. When: Wednesday, February 27th 2:00 PM EST Host: Amitai Ratzon CEO , Pcysys Your Takeaways: A fresh approach to vulnerability remediation prioritization How to ensure your security posture is kept

0 Minute 20 Second Read

Trends in Data Breaches and Comprehensive Response

Michelle Drolet

Trends in Data Breaches and Comprehensive Responses Does your organization have a data breach response plan? Join Michelle Drolet and a team of industry experts for an interactive Q&A panel and discover the best practices for breach response and how to strengthen your organization’s cyber resilience. About the Webinar Join this interactive Q&A panel with

0 Minute 38 Second Read

What You Need to Know About This New Bank Account Threat

Michelle Drolet

Sophos Researcher James Wyke recently did an analysis of the malware Vawtrak. He found that Vawtrak has been targeting financial institutions, especially banks. Vawtrak injects a DLL code into the targeted bank’s website, which allows a bypass of the victim’s two-factor authentication and infects the victim with a mobile malware. The malware then automatically transfers

0 Minute 38 Second Read

10 Things I Know About Social Engineering

Michelle Drolet

10. Don’t trust uniforms. Wearing shirts with company logos on them can be enough to gain access to restricted areas. Verify that visitors really are who they say they are. 9. ID caller from IT. If you receive a call offering IT support for a problem you didn’t know you had, get suspicious. That’s probably

1 Minute 54 Second Read

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Our Cybersecurity Solutions

Virtual Security Officer

We Advise

Industries

Trends & Threats

Knowledge Hub

Our Company

Solutions: Internal Penetration Test

What Exactly Is Automated Penetration Testing? – 2/27/19

Talk with us now about:

Your security needs.

Call 774.204.0700

Email Us