Raxis’ Matt Dunn has discovered another ManangeEngine cross-site scripting (XSS) vulnerability, this time in the Applications Manager product (CVE-2021-31813).
Is the threat of full-scale retaliation enough to prevent large-scale cyberattacks? Raxis’ Bonnie Smyre explains why this Cold War strategy is not effective.
Don’t fall prey to scammers trying to convince you that your domain name is about to be stolen by an overseas company.
Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited.
The US government is warning businesses to beware of vulnerabilities being exploited by the Russian Foreign Intelligence Service (SVR RF). But that’s not the only group taking advantage. Here’s what you should do.
Account enumeration reveals whether usernames are valid for use in other attacks. Lead Penetration Tester Matt Dunn explains how it works and how to prevent it.
Should you connect your latest device to the Internet? Lead Penetration Tester Scottie Cole recommends asking yourself some questions before you do.
Penetration tests are as important for mobile applications as they are for their web app counterparts. Here’s why.
Raxis’ penetration testing team demonstrates how to conduct a mousejacking attack to gain access as part of a penetration test.
Qualys has discovered and reported a serious vulnerability (CVE-2021-3156) affecting the sudo utility. Patches are now available and Raxis recommends applying them immediately.
Cisco releases patches for some critical and high-severity vulnerabilities. Learn about the vulnerabilities and patches from the Raxis penetration testing team.
One of our most common findings in Raxis penetration tests is the lack of an effective vulnerability management system. Here’s why that’s important.
