DMARC helps organizations protect their domain from being used in fraudulent emails while improving deliverability and increasing visibility into how their domain is being used
Currently browsing: General
VistaNet Achieves Sophos Gold Partner Status
VistaNet announces its achievement as an official Sophos Gold Partner, expanding cybersecurity capabilities, advanced firewall and MDR services, and enterprise-grade security offerings to organizations seeking stronger ransomware and threat protection.
Securing Remote VPN Connections with MFA & Complex Passwords
Without strong authentication measures, compromised credentials can
easily lead to unauthorized access and data theft
MS365 Plan Comparison
modern-work-plan-comparison-smb5
Read more
The Persisting Challenge of VMware Replacements: Scalability and Feature Set Disparities
In this article we discuss our findings on VMware’s feature set and scalability, presenting a significant problem for small to medium businesses (SMBs)
According to recent reports, over 19 BILLION passwords have been leaked in a massive security crisis.
According to recent reports, over 19 BILLION passwords have been leaked in a massive security crisis
The Benefits of Multi-Factor Authentication (MFA)
Multi-Factor Authentication is more than just a buzzword – it’s a game-changer for online security. By requiring users to provide two or more authentication factors, MFA adds an extra layer of protection against phishing attacks and cyber threats.
Outage Report – 10/6/23
Update 10/8/2023 Data carrier indicated that there was a failure of one of their core routers. They have replaced it […]
I had ChatGPT write a blog on the dangers of using ChatGPT, and the results were pretty amazing.
As with most nerds these days, I have been pretty enamored with the ability of ChatGPT to cull data from the net and write some fairly amazing stuff with it.
VU#730793: Heimdal Kerbos vulnerable to remotely triggered NULL pointer dereference
Overview
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
Description
A flawed logical condition allows a malicious actor to remotely trigger a NULL pointer dereference using a crafted negTokenInit token.
Impact
An attacker can use a specially crafted network packet to cause a vulnerable application to crash.
Solution
The latest version of code in the Heimdal master branch fixes the issue. However, the current stable release 7.7.0 does not include the fix.
Acknowledgements
Thanks to the International Continence Society for reporting this issue.
This document was written by Kevin Stephens.
Recent Posts
-
Understanding the Benefits and Implementation of DMARC for Your Domain
-
November Patch Tuesday does its chores -
Threat Intelligence Executive Report – Volume 2025, Number 5 -
VU#441887: Duc contains a stack buffer overflow vulnerability in the buffer_get function, allowing for out-of-bounds memory read
-
VU#633103: Insufficient Session Cookie Invalidation in nopCommerce ASP.NET Core eCommerce Platform