Image
February 17, 2021
Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks.
Blog
Image
February 03, 2021
ScareCrow is a payload creation framework for generating loaders that side-load (not inject) into a legitimate Windows process (bypassing Application...
Tool
Image
February 03, 2021
Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote.
Blog
Image
February 02, 2021
This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product.
Blog
Image
Software supply chain compromise explained: What you need to know and lessons learned.
Event
Image
December 11, 2020
Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks.
Blog
Image
November 05, 2020
A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more.
Blog
Image
October 13, 2020
Application threat modeling decomposes application architecture into security-relevant components to reveal threats and potential risks.
Blog
Image
September 30, 2020
Hackers can use the username structure and deployed technologies in an online document’s metadata to successfully breach the perimeter.
Blog
Image
September 17, 2020
Information security strategies often overlook the threats posed by weaknesses in its physical security posture.
Blog
Image
September 11, 2020
Moving functionality from Java to native implementations in Android increases obscurity but not security.
Tool
Image
September 11, 2020
Moving functionality from Java to native implementations in Android increases obscurity but not security.
Blog