A security firm named Secura has published a white paper of a vulnerability (CVE-2020-1472) affecting Microsoft's Netlogon authentication component. The vulnerability allows unauthorized code execution on the Domain Controller. The name of vulnerability has been determined as "Zerologon" by the company. The reason the vulnerability is named with this name is that the attack is done by adding the "0" character to the Netlogon authentication parameters. The attack is listed under MITER ATT&CK as "Lateral Movement Tactic" and "Exploitation of Remote Services (T1210)".  

Overview Web applications are critical for all organizations, especially for startups, when it involves building customer trust, in a very short time. An application for a startup is the first place where your potential customers get information about you. It is also the primary way they interact with you. At Security for Everyone, we believe that no matter it’s a mobile or a web application, security is vital. Nevertheless, it’s sometimes difficult to urge developer’s attention to possible vulnerabilities. The time after an attack is just too late to think about security, and it costs you a…

Developments in deep learning and artificial intelligence making our lives easier day by day. They are suggesting what we want to buy, driving our cars, optimizing traffic, taking care of our medical diagnosis, and many other things. In the future, the expectation is using deep learning in courts. It is known that the Chinese government uses a mass surveillance system that gives scores to each individual. Most probably they are also using some deep learning/AI algorithms. In this article, we will mention some security and privacy concerns about using deep learning. There are two…

This article considers the risks of “ Bring Your Device” method that enables using personal mobile devices in business life in terms of information security and the policies that should be followed by the companies. Additionally, solutions for risks that might emerge with BYOD method are considered and statistical information related to the companies that use this method are provided.   Today, mobile devices have continuously increasing usage area. From hospitals to medical applications and ordering in restaurants, mobile devices show differences in terms of information on the devices. Instead of using different devices in private…