Foresight Cyber email encryption review showing interesting results

Foresight Cyber email encryption review showing interesting results

Our company uses Office365 for most business activities. As security professionals, we have setup our email system to be as secure as possible without harming our business. 

In order to detect potential issues, we monitor encryption of inbound and outbound emails to see which email domains have not implemented TLS for network level email encryption. However, we have configured Office365 to enforce encryption for inbound and outbound email receiver/sent to our clients and partners. 

Read More

Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

Tenable wrote a good article. Sadly they also missed that weblogic server has no business reaching out to just any server on the one internet hence a good mitigation strategy is also block outgoing traffic from any weblogic server to internet. That could be faster mitigating solution than negotiate with business owners an out of cycle patch window. Of course the patch should be applied anyway later.

Read More