Lurking Threats in Post-Authentication SessionsAn attacker doesn’t need your password anymore. They don’t even need to break your MFA. They just need to get ahold of your session. And…Mar 21Mar 21
Log4Shell Exploitation (CVE-2021–44228)By the time you read this, you’ve surely heard all about the recent Apache Log4j 2 vulnerability publicly disclosed via Apache’s project…Feb 8, 2022Feb 8, 2022
How to discover the PwnKit vulnerability and validate your readinessWhile it may seem like the right course of action is to stop everything and immediately start patching the recent PwnKit vulnerability…Feb 8, 2022Feb 8, 2022
A Nightmare on Print StreetGreenpeace recently took credit for the PrintNightmare exploitation. Warning that if the world does not shift to paperless immediately…Sep 8, 2021Sep 8, 2021
Top Exploited Vulnerabilities — Don’t Just Patch-a-MoleThere are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. Why is that? Well, if…Aug 7, 2021Aug 7, 2021
Addressing the agent in the roomYou had me at product. you lost me at agent. If only I had a penny for the number of times I heard the under-deliver over-promise of…Feb 20, 2021Feb 20, 2021
Incident Response: Don’t Let That Data Age-outThe day when retention and cloud operating compute-power became irrelevant — picture that.Jun 28, 2019Jun 28, 2019
