Log4Shell’s long-tail impact on your security
ExpressVPN’s mitigation technique against Log4Shell and what you can do to protect yourself against the Log4j vulnerability.
Cybersecurity lessons: Safer private keys with Shamir’s Secret Sharing
Learn how digital certificates work and why Shamir’s Secret Sharing is a secure method for storing private keys.
Cybersecurity lessons: Risk of email takeover via a 4th-party provider
ExpressVPN's Security Team investigated a bug that could have been exploited by signing up on Mailgun and hijacking an email subdomain.
Cybersecurity lessons: Privilege escalation via file read/write
How a highly privileged process interacting with a lower-privilege user space can lead to attackers elevating their access or a DoS attack.
Cybersecurity lessons: A PATH vulnerability in Windows
Our cybersecurity experts discuss the PATH environment variable and the security implications of having it misconfigured.
Cybersecurity lessons: Flaw in Zendesk file-upload feature
Our cybersecurity team worked with Zendesk, a support software provider, to fix a flaw in its file-upload system. Here's a play-by-play of how we did it.
Cybersecurity lessons: Monitoring password manager activity
ExpressVPN's Security Team explains how to detect vulnerabilities and attacks on password managers and analyze the risks.
