Windows Dynamic Data Exchange Protocol: Abuse for Fun and Profit

It’s not unknown that if a computers inputs are not sanitized, it’s applications could be vulnerable to various attacks. But during a recent Application Security Assessment, one of our Senior Security Consultants came across an interesting data sanitization insecurity that he says many analysts may be overlooking. Here is his overview of the insecurity and a recommendation on how to mitigate its risks.

Read More
The Thorny Road to Becoming a PCI Approved Scanning Vendor

enableIT is pleased to announce it is a PCI (Payment Card Industry) Approved Scanning Vendor (ASV). Becoming an ASV was an educational process for this organization, as the process is an ever changing one. Here I’ve outlined some recent changes to the ASV certification and application processes, as well as how the certification of our organization benefits our clients.

Read More
Fabrice Mouret
MacKeeper Data Breach

MacKeeper, an increasingly popular MacBook optimization tool suite designed to improve overall system speed, has been revealed to have unintentionally exposed several instances of MongoDB containing sensitive customer data. 

Read More
Fabrice Mouret
Evolution of DDoS Attacks

According to a recently released report from Kaspersky, distributed denial of service (DDoS) attacks for the third quarter of 2015 have given us a unique perspective on the future of DDoS trends. Attacks monitored during this period of time feature an attack sustained over 320 hours and include several noteworthy statistics. 

Read More
Fabrice Mouret
Who is Really Driving?

The things that a computer system allows you to do with your cars nowadays are simply astounding. While there is still a lot to be determined as to how far these vehicle computer systems will go, one thing is for sure, with more computer interactivity comes more potential attack vectors for attackers.

Read More
Fabrice Mouret