Latest News & Articles
Secure Our World: 20 Years of CISA’s Cybersecurity Awareness Month
Every October, the United States government, in collaboration with public and private sectors, observes Cybersecurity Awareness Month. This annual event,
Honoring the Heroes of 9/11
Twenty-two years have passed, but the scars of that tragic day remain etched in our collective memory. Today, we pay
The Importance of Strong Passwords: Best Practices for Online Security
Whether it’s safeguarding personal email accounts, sensitive financial information, or even critical business data, the significance of a robust password
Security Resources
CISA's Known Exploited Vulnerabilities Catalog
Minimize Cybersecurity Risk with the Known Exploited Vulnerabilities (KEV) Catalog
In November 2021 the Cybersecurity and Infrastructure Security Agency (CISA) started the Known Exploited Vulnerabilities (KEV) Catalog and Binding Operational Directive 22-01. The KEV catalog lists only vulnerabilities known to be actively exploited.
KEV Catalog: “PrintNightmare” (CVE-2021-34527)
CVE-2021-34527 is a critical Windows Print Spooler vulnerability that allowed malicious actors to remotely inject DLLs and get administrative rights.
KEV Catalog: “ZeroLogon” NetLogon Privilege Escalation Vulnerability (CVE-2020-1472)
In July 2020 a critical privilege escalation vulnerability emerged that affected Active Directory environments: CVE-2020-1472. Nicknamed “ZeroLogon”, the vulnerability was
Active Directory Series
Active Directory Series: Introducing AD CS
This post introduces Active Directory Certificate Services (AD CS) and topics like: public key infrastructure (PKI), the Kerberos pre-authentication protocol PKINIT, Certificate Signing Requests (CSR), and templates. This overview provides a baseline for learning AD CS penetration testing.
KEV Catalog: “SMBGhost” Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
“SMBGhost” is a critical vulnerability that affected SMBv3 in Windows 10 Versions 1903 and 1909. The vulnerability is an integer
KEV Catalog: “HiveNightmare” aka ”SeriousSAM” Vulnerability CVE-2021-36934
CVE-201-36934 is called Microsoft Windows SAM Local Privilege Escalation Vulnerability and is also known by the nicknames “HiveNightmare” or “SeriousSAM”.
What is Zero Trust and How To Build It In Your Organization
When you adopt the Zero Trust model in your organization, it means that you’ve implemented a system of controls and
Cybersecurity Teams: An Introduction to Red Team
In order to understand Red Team, it is important to be aware of the different cybersecurity roles (teams) and functions
Troubleshooting and Resetting Windows Update
Patch Tuesday, or Update Tuesday, is Microsoft’s monthly release of security fixes for Microsoft software and the Windows operating system.
EU Data Authorities Warn Fans Not to Download Qatar World Cup App
Experts have labeled the Hayya and Ehteraz apps, which foreign visitors to Qatar are asked to use, as “spyware” due