Lucene search
K

4 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/08 6:17 a.m.22 views

BEC-ware the Phish (part 2): Respond and Remediate Incidents in M365

TL;DR Ensure you can reliably take initial containment actions such as disabling accounts, resetting passwords, and revoking tokens. Token binding ensures that a token only works on the specific device the token was issued and is currently the best protection against token theft. As a minimum...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/11/21 5:0 p.m.23 views

Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year​​

Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1 Identi...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/12/19 5:29 p.m.6 views

security flaw

sslenginekernel.c in modssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions...

10CVSS6.9AI score0.30576EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/09/06 1:37 p.m.7 views

security flaw

sslenginekernel.c in modssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions...

10CVSS6.9AI score0.30576EPSS
Exploits0References4
Rows per page
Query Builder