Forrester Names Centrify a Leader in Privileged Identity Management
Today Forrester Research released The Forrester Wave: Privileged Identity Management, Q4 20181. Evaluating 11 vendors, Forrester named Centrify a Leader.
Here at Centrify, we believe this...
A new exploit for zero-day vulnerability CVE-2018-8589
Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The...
Five Tips for NERC CIP Audits
Five Tips for NERC CIP Audits #outlook a{ padding:0; } body{ width:100%...
Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends
In a previous blog we highlighted a vulnerability in Chrome that allowed bad actors to steal Facebook users’ personal information; and, while digging around...
New Docker-based Dev Pipeline: Microservice Projects Just Got A ‘Speed-Boost’
A bulwark of software engineering projects, the development pipeline is an automated process used to deliver changes from development through to production; enabling near...
The Base of Cyber-Attacks: Credential Harvesting
Cyber attackers long ago figured out that the easiest way to gain access to sensitive data is by compromising an end user’s identity and...
The Dos and Don’ts of DevOps
The Dos and Don'ts of DevOps #outlook a{ padding:0; } body{ width:100%...
Spam and phishing in Q3 2018
Quarterly highlights
Personal data in spam
We have often said that personal data is candy on a stick to fraudsters and must be kept safe (that...
Latest article
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that...
Metasploit Wrap Up 05/22/2026
Another week, another authentication bypassOur humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and...
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365....
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections.
The post Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can...
