9 min
Vulnerability Management
Patch Tuesday - March 2021
Another Patch Tuesday (2021-Mar
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Mar]) is upon us and
with this month comes a whopping 122 CVEs. As usual Windows tops the list of
the most patched product. However, this month it’s browser vulnerabilities
taking the second place, outnumbering Office vulnerabilities 3:1! Lastly, the
Exchange Server vulnerabilities this month are not to be ignored as more than
half of them have been seen exploited in the wild.
Vulnerability Breakdown by S
Read Full Post
3 min
Cloud Security
How to Keep Up With Vulnerability Management Challenges in Ephemeral Cloud Environments
The modern perspective is that the cloud has made it much easier to have visibility of your attack surface and everything you’re working with.
Read Full Post
4 min
News
Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know
On March 2, Microsoft released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server.
Read Full Post
4 min
Vulnerability Management
Building a Holistic VRM Strategy That Includes the Web Application Layer
Co-sponsored by Forrester, a recent Rapid7 webcast expounds upon the topics discussed in this blog post.
Read Full Post
2 min
News
VMware vCenter Server CVE-2021-21972 Remote Code Execution Vulnerability: What You Need to Know
On Feb. 23, 2021, VMware published an advisory describing three weaknesses affecting VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation.
Read Full Post
4 min
Vulnerability Management
Take the Full-Stack Approach to Securing Your Modern Attack Surface
Let’s take a more in-depth look at modern vulnerability risk management (VRM) and what to look for in a holistic solution.
Read Full Post
4 min
InsightVM
New InsightVM Dashboard Helps You Discover Significant Changes in Your Environment from the Past 30 Days
Organizations are in a constant struggle to identify and reduce risks in their constantly changing environments
Read Full Post
4 min
Vulnerability Disclosure
CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)
Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function."
Read Full Post
7 min
Vulnerability Management
Patch Tuesday - February 2021
The second Patch Tuesday of 2021 is relatively light on the vulnerability count,
with 64 CVEs being addressed across the majority of Microsoft’s product
families. Despite that, there’s still plenty to discuss this month.
Vulnerability Breakdown by Software Family
FamilyVulnerability CountWindows28ESU14Microsoft Office11Browser9Developer Tools
8Microsoft Dynamics2Exchange Server2Azure2System Center2Exploited and Publicly
Disclosed Vulnerabilities
One zero-day was announced: CVE-2021-1732
[https:
Read Full Post
2 min
News
Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products
Cisco has released security updates to address vulnerabilities in most of their product portfolio.
Read Full Post
3 min
News
SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know
2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.
Read Full Post
2 min
Vulnerability Management
Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)
InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.
Read Full Post
1 min
Vulnerability Management
Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?
Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.
Read Full Post
7 min
Vulnerability Management
Patch Tuesday - January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Jan]) with 83
vulnerabilities across our standard spread of products. Windows Operating
System vulnerabilities dominated this month's advisories, followed by Microsoft
Office (which includes the SharePoint family of products), and lastly some from
less frequent products such as Microsoft System Center and Microsoft SQL Server.
Vulnerability Breakdown by Software Family
FamilyVulnera
Read Full Post
4 min
InsightVM
What’s New in InsightVM: Q4 2020 in Review
Here’s our roundup of the new and improved InsightVM features we’ve updated in Q4 2020.
Read Full Post