Latest News & Articles
Every October, the United States government, in collaboration with public and private sectors, observes Cybersecurity Awareness Month. This annual event,
Whether it’s safeguarding personal email accounts, sensitive financial information, or even critical business data, the significance of a robust password
CISA's Known Exploited Vulnerabilities Catalog
In November 2021 the Cybersecurity and Infrastructure Security Agency (CISA) started the Known Exploited Vulnerabilities (KEV) Catalog and Binding Operational Directive 22-01. The KEV catalog lists only vulnerabilities known to be actively exploited.
“Certifried” is an Active Directory privilege escalation vulnerability found in AD Certificate Services in May 2022 by Oliver Lyak.
This critical remote code execution vulnerability was announced in June 2022 and affected both Atlassian Confluence servers and data centers.
Active Directory Series
This post introduces Active Directory Certificate Services (AD CS) and topics like: public key infrastructure (PKI), the Kerberos pre-authentication protocol PKINIT, Certificate Signing Requests (CSR), and templates. This overview provides a baseline for learning AD CS penetration testing.
In July 2020 a critical privilege escalation vulnerability emerged that affected Active Directory environments: CVE-2020-1472. Nicknamed “ZeroLogon”, the vulnerability was
On July 13, 2023, the Biden administration issued the first iteration of its National Cybersecurity Strategy Implementation Plan. Some experts
An effective cyber defense strategy should not only include preventative measures but also focus on identifying attacks as they happen
Forth Worth’s cybersecurity was tested by the hacktivist group SiegedSec this past week. This article delves into the motivations behind
Drones have emerged as the go-to solution to complete dangerous tasks that often put humans at great risk. Drone are
The Cyber Battlefield: Analyzing China’s Aggressive Campaign of State-Sponsored Hacks