We successfully renewed our Crest Membership

Kyos team is proud to announce that we successfully renewed our Crest Membership. This accreditation allows our clients to get CREST Certified penetration testings directly from Kyos. This standard ensures clients that they can get high-quality services from Kyos and entrusted professional ethical hackers. ‘CREST is pleased to welcome Kyos as an accredited member company’, …

We successfully renewed our Crest Membership Read More »

Exchange zero-day Exploit

Whether you are a Kyos customer or not, considering the criticality of this flaw, we offer you a free primary investigation of your Exchange server, to determine if it is still vulnerable, as well as to identify if any potential attacks have taken place, which we know is very likely. Even though Kyos Exchange Servers have not been affected, 50% of our customers with on-premise Exchange Servers have been impacted, despite the application of the patch that we performed the same day.

0-day Vulnerability

On March 2, Microsoft has released an emergency security update for Microsoft Exchange to remediate six vulnerabilities allowing remote code execution, of which 4 can bypass any authentication control.

Security of data in the cloud

The concept of Cloud has evolved in the last 20 years, and security concerns have grown with it. The first serious effort to provide data hosting in the Cloud comes with Amazon Simple Storage Service (S3), and with it the security burden to make sure that correct permissions were configured to avoid private data to become public.