"Cybersecurity specialists at Kudelski Group carried out an audit of IOHK’s Icarus code base over the summer. The resulting written reports submitted to our Bourbaki team have been thorough and intelligible, and have enabled IOHK’s engineers to address the issues identified in an efficient way“.
“The Kudelski Security team played an important role in auditing every aspect of our smartcard wallet code. With their defense-in-depth approach to security, they provided in a timely and professional way, the adequate defenses to deliver our solution to the market with confidence”
The presence of COVID-19 has led to some unprecedented times. With a large portion of the workforce now working from home, there are numerous security implications that arise. Our previous post is an extensive FAQ that covers everything you need to know about the cybersecurity concerns and how to address them. Today, we’ll dive into […]
Summary On March 23rd, 2020 Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and has provided guidance on how to temporarily mitigate the exploitation of these unpatched vulnerabilities. Patches for these […]
We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates to improve remote access, and asking for increased employee education around BYOD security, secure WiFi use, basic security hygiene, […]
Updated on March 12th, 2020: to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory reflects updated mitigations. Summary On March 10th, a critical Remote Code Execution (RCE) vulnerability in the Microsoft Server Message Block (SMBv3) protocol was inadvertently disclosed. The vulnerability, known as CVE-2020-0796, is caused by how newer Windows operating systems handle certain requests, specifically compressed SMBv3 packets. Microsoft intended to release a patch for this […]
Note that this article is a hands-on, applied, comparison and does not try to explain all the details of differential privacy. For more background information […]