In this week’s ShadowTalk, Richard Gold and Simon Hall join Rafael Amado to discuss SSL (Secure Sockets Layer) interception, a technique used to inspect HTTPS (Hyper Text Transfer Protocol Secure) traffic sent between a client and a webserver. On 30 June, an important Payment Card Industry deadline passed that requires all websites that accept payment […]
In Shadow Talk this week, Dr Richard Gold joins us to discuss the issue of security debt, a term used to refer to the accumulation of security risks over time, such as missed patches, misapplied configurations, mismanaged user accounts. Richard looks into how many of the attacks we see on a regular basis are actually […]
Exploit kit activity is waning. Collectively these malware distribution tools used to be a prominent method of infection. They rely on compromised websites, malicious adverts and social engineering to direct web traffic to their landing pages and attempt the exploitation of vulnerable software. Operated by various actors and groups, exploit kits possess different features, use […]
We’ve previously written on the most popular vulnerabilities that exploit kits are using. But how might the exploit kit market develop over the next year? There are five identifiable of factors that may impact the status of the exploit kit marketplace. The resources held by exploit kit developers The amount of custom they received The […]
One significant aspect of mitigating the risk posed by exploit kits is keeping software up-to-date. However, for some organizations, knowing what to patch as a priority can be difficult. Our latest whitepaper helps organizations to understand what vulnerabilities are most frequently targeted and helps them to prioritize their patching processes. In order to assess the […]