Affordable, manageable, understandable solution for cyber security. Get early access for Product X !
Lightweight Cryptology Standardization
Lightweight Cryptology Standardization

  Standard cryptology methods are well designed for desktop or server environments, so they are applicable for old systems. But today's technology evolves on small devices that connect with each other, like in the internet of things, the network of sensors, or similar areas. There are some constraints about storage, cost, surface area, electric usage, and many more with these small devices. This has led to the need for lightweight cryptology methods today. Unfortunately, there is no standardization by NIST in lightweight cryptology. NIST realized this problem and made a call for a lightweight algorithm and standardization process. First of…

Read More
Zero Trust Architecture
Zero Trust Architecture

Zero Trust is a security model introduced in 2010 by John Kindervag, a former Forrester analyst. Since then, Zero Trust has become one of the most common patterns in cybersecurity. In the last few years, the significant data breaches show that all companies, from small to largest, need to be more active in security. The Zero Trust Model is the right fit for this business. This article will discuss what Zero Trust architecture is, why it is so important, its principles, and principles. Good reading. What is Zero Trust? Zero Trust is a security model that requires strict authentication of…

Read More
The History Of Bug Bounty Program
The History Of Bug Bounty Program

Today, bug bounty programs are an increasingly common method to find and fix various vulnerabilities on the Internet. This method is used by small companies, as well as large companies such as Google, Yandex, Paypal, Facebook. The need for bug bounty programs is due to the increasing number of cyber attacks today. According to an article published in 2020, 16 billion records were stolen in 2020 due to these attacks. 8.4 billion of these stolen records constitute the first quarter of 2020, and in this case, it is observed that it has increased by 273% compared to the first…

Read More
Zerologon Vulnerability: Becoming a domain admin in 10 seconds CVE-2020-1472
Zerologon Vulnerability: Becoming a domain admin in 10 seconds CVE-2020-1472

A security firm named Secura has published a white paper of a vulnerability (CVE-2020-1472) affecting Microsoft's Netlogon authentication component. The vulnerability allows unauthorized code execution on the Domain Controller. The name of vulnerability has been determined as "Zerologon" by the company. The reason the vulnerability is named with this name is that the attack is done by adding the "0" character to the Netlogon authentication parameters. The attack is listed under MITER ATT&CK as "Lateral Movement Tactic" and "Exploitation of Remote Services (T1210)".  

Read More