New Case Study: Credit Union Boosts Secops With Continuous Testing
Learn More
New Research: Broken Attestation in Windows Admin Center
Learn More
Whitepaper: An Inside Look at the Technology Behind Cymulate
Learn More
New Integration Partnership with WIZ!
Learn More
Book a Demo
Book a Demo

From Equifax to Capital One

August 5, 2019

There’s something in the water with web application security. Last week, Capital One disclosed a data breach caused by a web application misconfiguration. Equifax is still cleaning up after its 2017 data breach, the result of an unpatched bug in a web application. Flaws in web applications are abundant and easy to manipulate, making them a target for bad actors. Each new application or device adds to an already healthy pool of vulnerabilities and risk. Read the full article, including Cymulate’s CEO’s take on the Capital One and Equifax breaches:
READ MORE

Featured Resources

View More Resources
image
blog

Kerberos Authentication Relay Via CNAME Abuse 

Originally published January 15, 2026. Updated January 21, 2026, with new attack scenarios in Cymulate Exposure Validation. Cymulate Research Labs

Read More
image
blog

CVE-2026-20965: Cymulate Research Labs Discovers Token Validation Flaw that Leads to Tenant-Wide RCE in Azure Windows Admin Center 

A subtle Azure SSO token validation flaw allowed attackers to escalate privileges and move laterally across WAC-managed systems.

Read More
image
blog

Evolving Vulnerability Management to Continuous Threat Exposure Management 

Shift from reactive vulnerability management to continuous, threat-validated exposure management for real risk resilience.

Read More