Category: Security Recommendations
-
Don’t Take the Smishbait
Unwanted text messages are annoying, but some also hide malicious links. Here are some ways to avoid being “smished.”
-
ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2021-31813)
Raxis’ lead penetration tester Matt Dunn has discovered another ManangeEngine cross-site scripting (XSS) vulnerability, this time in the Applications Manager product (CVE-2021-31813).
-
Why Mutual Assured Destruction is an Incomplete Cyber Defense Strategy
Is the threat of full-scale retaliation enough to prevent large-scale cyberattacks? Raxis’ COO Bonnie Smyre, who also has a background in Russian and Eastern European studies, explains why this Cold War strategy cannot be as effective at stopping hackers.
-
A High-Tech Take on an Old-Time Scam
Don’t fall prey to scammers trying to convince you that your domain name is about to be stolen by an overseas company.
-
SonicWall Patches Three Zero-Day Vulnerabilities
Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited.
-
NSA, FBI, CISA Statement on Russian SVR Activity
The US government is warning businesses to beware of vulnerabilities being exploited by the Russian Foreign Intelligence Service (SVR RF). But that’s not the only group taking advantage. Here’s what you should do.
-
Remediating Account Enumeration Vulnerabilities
Account enumeration reveals to an attacker whether or not he or she has valid user names. This can be first step toward a phishing attempt or other attack. Our Lead Penetration Tester Matt Dunn explains how it works and how to prevent it.
-
Three Questions to Ask Before Connecting a Device to the Internet
Should you connect your latest device to the Internet? Lead Penetration Tester Scottie Cole recommends asking yourself some questions before you do.
-
Why Companies Shouldn’t Overlook Mobile Application Testing
Penetration tests are as important for mobile applications as they are for their web app counterparts. Here’s why.
-
How to Pull Off a Mousejacking Attack
Raxis demonstrates how to conduct a mousejacking attack as part of a penetration test.