Posts tagged Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Threat Research

Tod Beardsley

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

Ron Bowes

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Detection and Response

Deral Heiland

Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense

Threat Research

Erick Galinkin

25 Years of Nmap: Happy Scan-iversary!

Exposure Management

Tod Beardsley

Pushing Open-Source Security Forward: Insights From Black Hat 2022

Products and Tools

Jesse Mack

Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec

Products and Tools

Ronan McCrory

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Vulnerabilities and Exploits

Jake Baines

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

Threat Research

Spencer McIntyre

What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022

Threat Research

Jesse Mack

QNAP Poisoned XML Command Injection (Silently Patched)

Exposure Management

Jake Baines

Primary Arms PII Disclosure via IDOR (FIXED)

Threat Research

Tod Beardsley

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Exposure Management

Tom Caiazza

Today’s SOC Strategies Will Soon Be Inadequate

Security Operations

Dina Durutlic

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Industry Trends

Tom Caiazza

For Ransomware Double-Extorters, It's All About the Benjamins — and Data From Healthcare and Pharma

Exposure Management

Tom Caiazza

CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED)

Exposure Management

Tod Beardsley

CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed)

Exposure Management

Jake Baines

New Report Shows What Data Is Most at Risk to (and Prized by) Ransomware Attackers

Threat Research

Rapid7

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

Threat Research

Tom Caiazza

CVE-2022-32230: Windows SMB Denial-of-Service Vulnerability (FIXED)

Threat Research

Spencer McIntyre