What We Can Learn from Microsoft’s Cybersecurity Nightmare
Microsoft reported around 250,000 victims, after hackers bypassed authentication measures via zero-day exploits.
Hacking a Mainframe in Less than 30 Minutes
In this demo, we’ll exploit a vulnerability that was found in a program running in z/OS. This kind of program could be running on your system right now.
Does Your Mainframe Need Vulnerability Scanning Software?
Any organization that relies on mainframes to secure their most sensitive data needs to scan those mainframes for vulnerabilities using scanning software.
What is a Mainframe Zero-Day Vulnerability and How to Protect Against It
Zero-day vulnerabilities present serious risk to the entire IT environment. In this blog, we’ll talk about how organizations can guard against those risks.
What Are the Categories of Mainframe Vulnerabilities?
Here at KRI, we’re focused on helping businesses take control of their mainframe security. A large part of that means developing and improving our vulnerability detection technology. It’s also important [...]
The Conspiracy of Silence: A Q&A with Mainframe Researcher Phil Young
Having worked in mainframes for decades, I’ve had a front-row seat to one of the industry’s most persistent problems: its attitude toward mainframe security. For a long time, the common belief has been [...]
A Common Mainframe Vulnerability is Hiding in Plain Sight
By Ray Overby Could your mainframe security practices be putting your organization at risk? Mainframe vulnerability management is notoriously overlooked, and there’s one common mainframe threat that most businesses aren’t [...]
In the World of Mainframes, Why is PCI Compliance Overlooked?
The primary focus of the Payment Card Industry Data Security Standard (PCI DSS) is the protection of cardholder data. PCI DSS provides controls for cardholder data that is stored, processed, [...]
How many threats hit the mainframe? No one really knows
Like any other system, mainframes are subject to ransomware attacks, cybersecurity threats, and code-based vulnerabilities that leave them open to serious exposures, but many CIOs, CISOs and security professionals aren’t aware of these risks.