Posts tagged Risk Management

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Industry Trends

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Jeremy Makowski

Pen, Paper, and Preparedness: What the UK's Latest Cyber Guidance Really Means

Industry Trends

Pen, Paper, and Preparedness: What the UK's Latest Cyber Guidance Really Means

Emma Burdett

Preparing for Unknown Risks:
How to Better Prepare for Risks You Can't See Yet

Exposure Management

Preparing for Unknown Risks: How to Better Prepare for Risks You Can't See Yet

Robin Long

Peeking into the crystal ball: What 2023 cyber threats told us about 2024

Threat Research

Peeking into the crystal ball: What 2023 cyber threats told us about 2024

Rapid7

Active Exploitation of IBM Aspera Faspex CVE-2022-47986

Exposure Management

Active Exploitation of IBM Aspera Faspex CVE-2022-47986

Caitlin Condon

CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products

Exposure Management

CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products

Caitlin Condon

Ransomware Campaign Compromising VMware ESXi Servers

Detection and Response

Ransomware Campaign Compromising VMware ESXi Servers

Caitlin Condon

Exploitation of GoAnywhere MFT zero-day vulnerability

Threat Research

Exploitation of GoAnywhere MFT zero-day vulnerability

Caitlin Condon

Rapid7 Added to Carahsoft GSA Schedule Contract

Industry Trends

Rapid7 Added to Carahsoft GSA Schedule Contract

Rapid7

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Exposure Management

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Rapid7

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Vulnerabilities and Exploits

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Caitlin Condon

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Exposure Management

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Erick Galinkin

CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center

Exposure Management

CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center

Ron Bowes

The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading

Detection and Response

The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading

Tom Caiazza

Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite

Exposure Management

Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite

Caitlin Condon

QNAP Poisoned XML Command Injection (Silently Patched)

Exposure Management

QNAP Poisoned XML Command Injection (Silently Patched)

Jake Baines

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

Exposure Management

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

Glenn Thorpe

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Exposure Management

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Tom Caiazza

Exploitation of Mitel MiVoice Connect SA CVE-2022-29499

Exposure Management

Exploitation of Mitel MiVoice Connect SA CVE-2022-29499

Caitlin Condon

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Industry Trends

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Tom Caiazza

For Ransomware Double-Extorters, It's All About the Benjamins — and Data From Healthcare and Pharma

Exposure Management

For Ransomware Double-Extorters, It's All About the Benjamins — and Data From Healthcare and Pharma

Tom Caiazza