4 min
Public Policy
Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict
Fending off an attack from a well-resourced nation state is a nightmare scenario for cybersecurity teams. Here are some steps your organization can take to bolster its defenses.
14 min
Log4Shell
The Everyperson’s Guide to Log4Shell (CVE-2021-44228)
This blog is for everyone who wants to understand what’s going on with the Log4Shell vulnerability in Log4j and why the internet seems to be on fire again.
15 min
Emergent Threat Response
Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
On December 10, 2021, Apache released version 2.15.0 of their Log4j framework, which included a fix for CVE-2021-44228, a critical RCE vulnerability that is being exploited in the wild.
4 min
Ransomware
3 Strategies That Are More Productive Than Hack Back
Hack back, as used by non-government entities, is problematic for many reasons. Here are 3 alternative strategies to thwart the attackers.
4 min
Security Operations
2022 Planning: Prioritizing Defense and Mitigation Through Left of Boom
In this post, we'll use ransomware as an example for 3 areas where you can apply a left-of-boom approach in your defenses in the coming year.
4 min
Emergent Threat Response
Trojan Source CVE-2021-42572: No Panic Necessary
What is this thing?
Researchers at the University of Cambridge and the University of Edinburgh recently published a paper [https://www.trojansource.codes/trojan-source.pdf] on an attack technique they call “Trojan Source.” The attack targets a weakness in text-encoding standard Unicode—which allows computers to handle text across many different languages—to trick compilers into emitting binaries that do not actually match the logic visible in source code. In other words, what a developer or secu
8 min
Ransomware
The Rise of Disruptive Ransomware Attacks: A Call To Action
Ransomware attacks are on the rise. In this post, we examine the dynamics of this trend and where it might be headed.
4 min
Emergent Threat Response
Managed Service Providers Used in Coordinated, Mass Ransomware Attack Impacting Hundreds of Companies
Rapid7 is aware of and tracking all information surrounding a coordinated, mass ransomware attack that appears to be targeting Kaseya VSA patch management and monitoring software.
2 min
Emergent Threat Response
ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know
On June 29, 2021, researcher Michael Stepankin (@artsploit) posted details of a pre-auth remote code execution (RCE) vulnerability, CVE-2021-35464, in ForgeRock Access Manager identity and access management software that front-ends web applications and remote access solutions in many enterprises.
2 min
Emergent Threat Response
SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
SolarWinds released fixes for 4 new vulnerabilities in their Orion platform, the most severe of which is an authenticated RCE flaw due to a JSON deserialization weakness.
5 min
News
F5 Discloses Eight Vulnerabilities—Including Four Critical Ones—in BIG-IP Systems
On March 10, 2021, F5 disclosed eight vulnerabilities, four of which are deemed "critical."
3 min
News
Multiple Unauthenticated Remote Code Control and Execution Vulnerabilities in Multiple Cisco Products
On Feb. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems and operating system/software configurations.
2 min
News
VMware vCenter Server CVE-2021-21972 Remote Code Execution Vulnerability: What You Need to Know
On Feb. 23, 2021, VMware published an advisory describing three weaknesses affecting VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation.
2 min
News
Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products
Cisco has released security updates to address vulnerabilities in most of their product portfolio.
3 min
Emergent Threat Response
SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know
2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.