Category: Uncategorized

A story of how Security Misconfiguration led to Compromising the Domain Controller What is an Assured Breach? Assumed breach, as the name suggests, is when an attacker has already gained access to the internal network or has compromised an employee machine. This means that the attacker has a foothold in the organization. In our case, […]

Last week a Remote Code Execution vulnerability was disclosed in Spring. Spring is an open-source application framework that provides infrastructure support for creating Java applications that can be deployed on servers as independent packages. Approximately, 70 percent of all Java applications use it. What is CVE-2022-22965? CVE-2022-22965 was assigned to the vulnerability and is considered […]

The last 2-3 years have seen a spike in the adoption of cloud especially among organizations who had possibly never thought about moving to a shared environment due to security concerns like large corporations, banking, financial services, etc. The main drivers have been efficiency, easiness, flexibility, scalability, lower TCO among others. This adoption was further […]