Skip to main content

Cyolo’s Newly-Formed Security Research Team Presents Critical Vulnerability Findings at BSides Las Vegas 2023

Security research team to empower enterprises with proactive insights into emerging threats introducing recently uncovered critical vulnerabilities presenting significant security risks and compliance issues.

Cyolo, provider of the fastest and most secure zero-trust access solution for enterprise IT and OT, today announced the launch of its recently formed Security Research Team and the details surrounding its upcoming technical session at BSides Las Vegas 2023.

As the threat landscape continues to evolve, staying ahead of potential vulnerabilities is paramount. Cyolo’s recently launched security research team continuously monitors and analyzes the latest security trends, tactics, and techniques to proactively identify and mitigate potential access vulnerabilities. The team, led by top researcher and Cyolo’s Head of Security Research, Dor Dali, closely studies the latest attack vectors and methods to develop countermeasures and defenses that are tailored to protect customers from high-risk access breaches that could cause enormous damage.

“Remote access and high-risk access are the pillars of every organization. By joining Cyolo and researching this area, I feel that I can really make an impact and benefit the entire cybersecurity ecosystem,” said Dor Dali, Head of Security Research at Cyolo. “Security research across known and emerging threats is the next step for us, we aim to contribute as much as we can to the cyber security ecosystem and help bridge the gaps in the identity and network world.”

Cyolo's dedication to sharing knowledge and insights within the cybersecurity community is further demonstrated by its upcoming presentation at BSides Las Vegas 2023. On the heels of Dor's recent disclosure of a new Remote Desktop Gateway vulnerability (CVE-2023-35332) focused on the usage of an outdated and deprecated protocol, he will unveil the latest findings from the Cyolo security research team—including new critical- and high-severity vulnerabilities—in a session titled “Unveiling the Hidden: Discovering RDP Vulnerabilities using PDF Files.”

In this technical presentation, Dor will discuss the somewhat unconventional techniques and methodologies he used to uncover vulnerabilities, introduce the remote desktop protocol (RDP) and show how even one of the most used protocols in the field of RDP can be broken and exploited, and delve into how protocol specifications, open-source implementations, and other publicly accessible resources can be used to reveal hidden risks. He will also provide an overview of the vulnerabilities discovered and an in-depth analysis of the most significant ones.

Cyolo continues to provide leaders in IT and OT security with the tools and research needed to prevent their current access nightmares, ensuring they strike the right balance between securing and enabling the business.

If interested in learning more about recent vulnerabilities and the repercussions you may face, join Dor Dali’s presentation, held on Tuesday, August 8, 2023, at 2:30 p.m. PT at BSides Las Vegas. Guests can register to attend at https://bsideslv.org/registration. The full schedule can be found here.

To learn more about Cyolo, please visit https://cyolo.io/.

About Cyolo

Cyolo helps organizations in the IT and OT spaces to stay both secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.

Contacts

Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.