Insecure Direct Object Reference (IDOR) vulnerabilities exist when direct object reference entities can be manipulated in order to gain access to otherwise private information. Learn how they work and how to protect against them.
In the world of malware, Ryuk ransomware has gone from a rookie to a pro at a disturbing speed. Here we take a look at what Ryuk ransomware is, how it spreads, and how to protect your business from it.
Dridex — a malware specifically designed to attack financial services organizations and banks — is Spanning’s Malware of the Month for December 2019. Learn how it has evolved and resulted in the theft of hundreds of millions of dollars from institutions in the form of fraudulent transactions.
The Zeus Virus, or Zbot, is a crafty and undetectable strain of malware that has been rather resilient and shown a strong ability to evolve since its first detection in 2007. For that reason, it’s our Malware of the Month for November, 2019.
The dark web has made identity theft a “lucrative business” which is leading to more pervasive and ingenious attacks – often targeting your customer’s credentials. Learn how to protect your data, business reputation, and customer base.
Kovter — a malware that has evolved from a trojan-based ransomware to a click fraud malware and then to a fileless one — is Spanning’s Malware of the Month for October 2019. Learn how Kovter works and how it has stayed among the most prolific malware in recent years.
XML External Entity (XXE) attacks are a form of injection attack that target weak XML parsers with the goal of exposing confidential information that should typically not be accessible. Learn how they work and how to protect against them.
TrickBot, at its root, is a form of Trojan malware. Like its namesake, malware of this type cleverly disguises its true intent. What’s even more dangerous is that TrickBot is constantly evolving with increasingly potent attacks. Learn more about our Malware of the Month for August, 2019, and what you can do to stay prepared.
The CIA Triad, or Confidentiality-Integrity-Availability, is a flexible model that can be applied to help secure your organization’s information systems, applications, and network. Learn about the three pillars of the framework and how you can implement them into your org’s information security protocol.