Articles

What is defensive regression and why we should care about it in Cybersecurity
July 20, 2017

One of the new things enterprises and information security experts are talking about extensively is defensive regression.

This is exactly what defensive regression would mean with cybersecurity too. Everything comes with an expiration date. Your cybersecurity measures may have been robust yesterday, but has there been a ‘regression’ in your defence mechanism since then? This is the core of defensive regression. Now th...

What's Really Happening with VC Investment in Cybersecurity?
July 20, 2017

I haven't seen such polarising information on Cybersecurity in a good long while! One day the news channels are waxing eloquent about how VCs can't get enough of cybersecurity startups and the next day there's lamenting about why investment has gone down drastically. So what is really happening with the Cybersecurity startup ecosystem? Is it blooming or are the prospects gloomy? Since data and not metaphysics is often the answer to q...

SECURITY ADVISORY- HTTP HOST HEADER ATTACKS AGAINST WEB PROXY DISCLAIMER RESPONSE WEBPAGE
July 20, 2017

Summary
The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack via maliciously crafted Host headers in user HTTP requests. This is possible if an attacker is in a man-in-the-middle position (i.e. able to modify the HTTP requests of the potential victim before they reach the web proxy), or poisons a web cache used by the potential victim.

In the latter attack scenario,...