Blogs

Versions Tested:

Recent data shows that 83 percent of IT security professionals are feeling more overworked in 2020 than in 2019, and 82 percent felt that their teams were understaffed.

Missing HttpOnly flags on cookies are a common finding in Web Application penetration testing. Many times, there is confusion surrounding whether it is necessary to enable this flag though. However, cookies can contain session tokens and other values that can be useful to a malicious actor and should be protected.

Versions Tested:
VMware Fusion 11.5.3

Products:

Breaches are a fact of life for every business.

Discussions about contact tracing have been ongoing since February 2020, when some experts began looking ahead at how to move through the global COVID-10 pandemic.

What Is Contact Tracing?

Contact tracing essentially comprises identifying those who have been infected with COVID-19 and notifying as many people as possible who have been in close contact with them within a 14-day window.

Adoption of Zero-Trust and Micro-Segmentat

Public password dumps have been an excellent way for attackers to gain access to accounts. Whether through credential stuffing or utilizing the emails and passwords directly, these dumps are a treasure trove of information. One thing red teamers and malicious actors alike can always count on is that the average user will likely reuse one password across multiple accounts.

One thing is clear: no one is safe from ransomware attacks.

Proactive vs.

Ready or not, it’s NFL draft week. After much debate over how to hold the NFL draft, teams are now on the clock as they prepare for a draft like none before. However, as the league and teams have worked to build out a virtual draft infrastructure that relies on technology like Zoom or Microsoft Teams, many are more vulnerable to hackers than they realize.

Following are 5 tips to tighten security protocols that teams need to implement now:

In times like these, we all could use some good news and CRITICALSTART‘s TEAM