%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

DLL Hijacking: Risks, Real-World Examples and How to Prevent Attacks

Dec 17, 2025 By Mariah Shotts In Ivanti

There’s been buzz around CVE-2025-56383 (published on Sept. 26, 2025), a hijacking vulnerability in Notepad++ v8.8.3 in which a DLL file can be swapped to execute malicious code. The CVE has been disputed by multiple parties, but we’re not here to comment on that. However, we are here to comment on DLL hijacking and discuss the very real threat that it poses to an organization. Let’s look into what DLL hijacking is and what measures you can take to keep your DLLs safe.

Read Post

Ivanti

Read more about DLL Hijacking: Risks, Real-World Examples and How to Prevent Attacks

Evidence as an Input

Dec 17, 2025 By Kosli In Kosli

Scan results aren’t the end — they’re the input to the next control. Evidence must be tied to fingerprints so it’s reusable.

View Video

Kosli

Read more about Evidence as an Input

Multi-domain (multi-san) certificates and better error messages

Dec 17, 2025 By Todd H. Gardner In CertKit

We shipped some big updates this week!

Read Post

CertKit

Read more about Multi-domain (multi-san) certificates and better error messages

How to Protect a Server from DDoS Attacks: 10 Practical Ways That Actually Work

Dec 17, 2025 By OpsMatters In OpsMatters

DDoS attacks are no longer exotic weapons used only against banks, governments, or global tech giants. Today, a small online store, a SaaS startup, or even a personal blog running on a VPS can become a target. The barrier to launching an attack has dropped dramatically, while the damage such attacks can cause has only grown. Any server connected to the internet is exposed by default - the only real question is how prepared it is.

Read Post

OpsMatters

Read more about How to Protect a Server from DDoS Attacks: 10 Practical Ways That Actually Work

From Downtime to Stability: The Role of Managed IT in Modern Operations

Dec 17, 2025 By OpsMatters In OpsMatters

Operational downtime has become one of the most expensive risks modern organizations face. A single system failure can halt workflows, expose security gaps, and drain revenue within hours. And as businesses in Long Beach & beyond grow more dependent on digital systems, the margin for IT failure keeps shrinking. Yet many operations teams still rely on reactive IT models, fixing issues only after they cause disruption.

Read Post

OpsMatters

Read more about From Downtime to Stability: The Role of Managed IT in Modern Operations

Why Release Control Takes Weeks

Dec 16, 2025 By Kosli In Kosli

The industry standard for release control is painfully manual: long-form policy documents, ServiceNow forms, human approvals, meetings, and tickets that take days or even weeks to close. In this video, Mike Long (CEO & Co-founder, Kosli) explains the difference between manual release control and an automated, zero-trust model where evidence is collected automatically, provenance identifies the artifact, and approvals can be fully codified.

View Video

Kosli

Read more about Why Release Control Takes Weeks

Evidence as an Input

Dec 16, 2025 By Kosli In Kosli

Evidence isn’t something you produce at the end — it’s something every control generates for the next one. In this video, Mike Long (CEO & Co-founder, Kosli) explains how vulnerability scans produce evidence tied to the artifact fingerprint and the policy file used, and how that evidence becomes an input to downstream controls like release approvals. This is the core of reusable, continuous compliance.

View Video

Kosli

Read more about Evidence as an Input

How Do We Trust the Evidence?

Dec 16, 2025 By Kosli In Kosli

Evidence only matters if you can trust it. And you can only trust it if the artifact behind that evidence has a verifiable, untamperable origin. In this video, Mike Long (CEO & Co-founder, Kosli) explains why artifact binary provenance is the foundation of trustworthy evidence, and why zero-trust delivery collapses without it. Video Timeline.

View Video

Kosli

Read more about How Do We Trust the Evidence?

ITAM: Your Unexpected First Line of Cyber Threat Defense

Dec 16, 2025 By Julian Critchfield In Ivanti

When the conversation turns to cybersecurity, people often think of firewalls, intrusion detection systems or state-of-the-art endpoint protection. Yet, beneath these sophisticated shields is an essential (and often unsung) foundation: robust IT Asset Management (ITAM). For CIOs guiding mid-sized and enterprise organizations through an increasingly perilous digital landscape, ITAM offers not just operational clarity, but a powerful first line of cyber threat defense.

Read Post

Ivanti

Read more about ITAM: Your Unexpected First Line of Cyber Threat Defense

Discover how to build AI-augmented applications with enterprise-grade security

Dec 16, 2025 By Upsun In Upsun

IT leaders want AI that moves the needle without blowing up risk, cost, or changing control. Your teams need a path to productize AI features on top of existing apps, connect safely to external models, and satisfy audit requirements without slowing delivery. Those are the core buying criteria we hear from IT middle management: buy over build, predictable outcomes, and a strong compliance posture.

Read Post