External Attack Surface Management and its Integration with Cybersecurity Operations

Recent news reminds us that vulnerabilities persist in critical infrastructure platforms targeted by financially motivated and state-sponsored espionage threat actors. We're constantly hearing about the exploitation of old and new vulnerabilities as part of cyberattacks. While vulnerability management may be challenging, we must be vigilant and look for ways to improve our cybersecurity defenses. Implementing … Continue reading External Attack Surface Management and its Integration with Cybersecurity Operations →

Quick Take: Proof-of-Concept Exploiting Windows CryptoAPI Spoofing Vulnerability Released

On January 25, 2023, Akamai Security Research released proof-of-concept code that exploits CVE-2022-34689, Windows CryptoAPI Spoofing Vulnerability. The Windows CryptoAPI is the "de facto API in Windows for handling anything related to cryptography.", Akamai researchers explained. This point makes any vulnerability in the Windows CryptoAPI particularly concerning. "According to Microsoft, the vulnerability allows an attacker … Continue reading Quick Take: Proof-of-Concept Exploiting Windows CryptoAPI Spoofing Vulnerability Released →