Cyber Warfare
Cyber Civil Defense: We Can All Fight the Russians

If you’re outraged over the invasion of Ukraine, there are some things you can do[…]

Why they're not the same: Vulnerability Scans and Pentests
Chained Attacks and How a Scan Can Leave You Vulnerable

Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely[…]

Cookie Jar
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags

How can cookies be used against you? And how do you keep that from happening?[…]

Scottie in 2004 on Navarre Beach in the wake of the Hurricane Ivan
Hurricane Ida: Limiting the Damage

Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read[…]

Screaming person with smartphone
Don’t Take the Smishbait

Unwanted text messages are annoying, but some also hide malicious links. Here are some ways[…]

Passwords on Post-It notes
12 New Cyber Terms the World Needs Now

The cybersecurity profession has its own lingo. As experts in the field, the Raxis team[…]

Clickjacking causes user to unknowingly purchase tickets
Realistically Assessing the Threat of Clickjacking Today

Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents[…]

Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage[…]

Go Phish
Phish Like the Pros

Want some insider tips on creating a great phishing campaign? Raxis lead penetration tester Scottie[…]

LDAP Passback
LDAP Passback and Why We Harp on Passwords

LDAP passback exploits are easy when companies fail to change default passwords on network devices[…]

.be .wa .re .sc .am .me .rs
A High-Tech Take on an Old-Time Scam

Don’t fall prey to scammers trying to convince you that your domain name is about[…]

SonicWall Patches Three Zero-Day Vulnerabilities

Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited.