IT and Security – A Love Story
10 Tips to Get Security and IT on the Same Page The Montagues and the Capulets. The Sharks and the Jets. Security and IT….
CVE-2023-23397 – Outlook vulnerability
On March 14, Microsoft released the regular Patch tuesday. During this patch Tuesday, Microsoft released 74 new patches addressing CVEs within Microsoft products. Exploiting…
CVE 2023-21716- Microsoft Word RCE
Overview On March 5, a security researcher named Joshua J.Drake shared details about CVE-2023-21716, a Microsoft Word vulnerability that was patched during February 2023…
Identity-based Exposures – 4 Ways to Prevent Them
Weak credentials and overly permissive privileges get leveraged in attacks all the time. Here’s what to do about it. Today, one of the most…
Continuous Compliance:
Where Security’s Rubber Meets Compliance’s Road
How compliance can strengthen security and security can strengthen compliance Compliance and security, though not at all the same, are actually two sides of…
How Financial Services Institutions Are Tackling Continuous Exposure Management
Leading Financial Services institutions are proactively identifying their most high-risk exposures with an Exposure Management platform. This post recounts 4 times they uncovered attack…
From Our Experts: 14 Tips to Reduce Your Exposure to Ransomware
At XM Cyber, we’re all about reducing your cyber exposures to protect your attack surface. There are quite obviously loads of methods attackers leverage…
Attack Surface Reduction: 7 Expert Tips to Defend Your Organization
Back in the day, networks used to be likened to castles – with strong, impenetrable walls and entrance strictly limited to authorized users through…
Extracting Encrypted Credentials from Common Tools
Overview During our day to day research, we face the question of what can be extracted from a compromised machine in order to move…
CVE-2022-42475 – Critical RCE Fortinet Vulnerability
On December 12th, Fortinet, one of the foremost players in the firewall, AV, intrusion prevention systems, and endpoint security ecosystem, announced the discovery of…
2023: Time to Secure Active Directory and Azure AD
Four key action items to harden AD and Azure AD in 2023 First introduced in 1999 as Microsoft Active Directory Domain Services for Windows…
10 Cybersecurity Influencers to Follow – and Learn a Thing or Two From!
The world of cybersecurity changes more frequently than most of us change our socks – and definitely more often than any of us change…
