The Most Valuable IT Certifications for 2022
Mar 17, 2022 BY DATAPRISE
Dataprise
This is the default author for all Dataprise blog posts.
Sep 14, 2021 BY
Dataprise
Apple NSO Zero-Click Zero-Day: Dataprise Defense Digest
Citizen Lab discovered a zero-day zero-click exploit against Apple’s iMessage. Dubbed FORCEDENTRY, it’s a zero-day exploit that targets Apple’s image rendering library, and is effective against Apple iOS, MacOS and WatchOS devices. They’ve attributed the exploit to the Israeli cyber mercenary group, NSO Group, that is responsible for creating the Pegasus spyware used in numerous high profile exploitations of celebrity, politician, and world leader mobile devices.
Information Security
Sep 09, 2021 BY
Dataprise
User Credential Leak from 2019 Fortinet SSL-VPN Vulnerability: Dataprise Defense Digest
In 2019, FortiGate firewalls had a zero-day vulnerability that was exploited globally, allowing attackers to harvest user VPN credentials, usernames and passwords, remotely. This vulnerability has been addressed and patched by Fortinet in 2019, however, recently, a database of more than 87,000 FortiGate SSL VPN credentials harvested in 2019 has been leaked to the Internet. Researchers have noted that while some of the credentials will no longer work, there are some that still do.
Information Security
Aug 23, 2021 BY
Dataprise
T-Mobile & AT&T Breaches: Dataprise Defense Digest
Two of the biggest wireless carriers in the US have been breached, resulting in millions of records of customer information being stolen and sold on the dark web. Besides the latent threat of identity theft, the repercussions of how this data could be misused could be disastrous on both a personal and a corporate level.
Information Security
Jul 20, 2021 BY
Dataprise
EXECUTIVE SUMMARY
On July 20nd, The Carnegie Mellon University’s Software Engineering Institute published a note on a vulnerability (VU#506989) affecting windows 10 issued a warning about a critical vulnerability affecting Windows 10 build 1809 and above which can grant non-administrative users access to SAM, SYSTEM and SECURITY files.
Information Security
Jul 17, 2021 BY
Dataprise
EXECUTIVE SUMMARY
Microsoft issued a warning about a critical .NET Core remote code execution vulnerability in PowerShell version 7. This is caused by the way text encoding is performed in .NET 5 and .NET Core.
Information Security
Jul 01, 2021 BY
Dataprise
PrintNightmare Analysis: Dataprise Defense Digest
A serious Remote Code Execution (RCE) vulnerability has been identified in the Print Spooler service in Windows Operating Systems. Successful exploitation of this vulnerability can allow an authenticated attacker to execute code and gain SYSTEM privileges. This vulnerability can be mitigated by stopping and disabling the Print Spooler service in Windows, especially Domain Controllers.
Information Security
May 04, 2021 BY
Dataprise
Internal IT Threats: How to Protect Your Business
When we think of modern IT cyber security threats, we often think of a distant hacker probing for security vulnerability gaps in our network, but we may not consider the threat down the hall or on the other side of a virtual meeting. Successful internal attacks are extremely damaging but implementing security best practices can help protect your environment.
IT Fundamentals
{"Address":"9600 Blackwell Road, 4th Floor Rockville, Maryland 20850","AddressRaw":"9600 Blackwell Road, 4th Floor Rockville, Maryland 20850","City":"Headquarters Rockville","DisplayDirectionsLinkSeparately":true,"DistanceFromCurrentLocation":0,"Fax":"Fax: 301.945.0601","IsActive":-1,"Lat":39.101,"Lon":-77.193,"MapAddressID":1,"Office":"HQ","PageUrl":"\/locations\/rockville-md","Phone":"301.945.0700","WebsiteOfficeDesc":"Rockville, MD Headquarters"}