One of the new things enterprises and information security experts are talking about extensively, is defensive regression.
This is exactly what defensive regression would mean with cybersecurity
too. Everything comes with an expiration date. Your cybersecurity
measures may have been robust yesterday, but has there been a
‘regression’ in your defence mechanism since then? This is the
core of defensive regression. Now th...
I haven't seen such polarising information on Cybersecurity in a good
long while! One day the news channels are waxing eloquent about how VC's
can't get enough of cybersecurity startups and the next day there's
lamenting about why investment has gone down drastically. So what is really
happening with the Cybersecurity startup ecosystem. Is it blooming or are
the prospects gloomy? Since data and not metaphysics is often the
answer to q...
The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted Host headers in user HTTP requests. The latter is possible if an attacker is in a Man-in-the-middle position (i.e. able to modify the HTTP requests of the potential victim before they reach the web proxy), or poisons a web cache used by the potential victim.
In the latter attack scenario,...