A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption

~ Dade Murphy ~ Leave a comment

The Hacker News-- IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password related issues are arguably the most … Continue reading A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption

New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption

~ Dade Murphy ~ Leave a comment

The Hacker News-- A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract … Continue reading New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption

Become a Data-Driven Leader with This Certification Bundle

~ Dade Murphy ~ Leave a comment

Null Byte « WonderHowTo-- If you're interested in becoming an in-demand project manager or leader in today's data-driven world, you need to know more than just a few generic management strategies to lead teams and companies successfully. To land the best and most respected positions in the field, you're going to have to have an … Continue reading Become a Data-Driven Leader with This Certification Bundle

Anchore Engine – A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore DocumentationThe Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore Engine is provided as a Docker container image that can … Continue reading Anchore Engine – A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

Malvertising campaigns come back in full swing

~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have moved on to other delivery methods instead of relying on drive-by downloads. However, occasionally we see spikes in activity that are noticeable enough that they highlight a successful run. In late August, we … Continue reading Malvertising campaigns come back in full swing

How to Configure Port Forwarding to Create Internet-Connected Services

~ Dade Murphy ~ Leave a comment

Null Byte « WonderHowTo-- Ports allow network and internet-connected devices to interact using specified channels. While servers with dedicated IP addresses can connect directly to the internet and make ports publicly available, a system behind a router on a local network may not be open to the rest of the web. To overcome the issue, … Continue reading How to Configure Port Forwarding to Create Internet-Connected Services

Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine

~ Dade Murphy ~ Leave a comment

The Hacker News-- We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore … Continue reading Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine