The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

Vulnerability Clusters with Vulcan Cyber

As everyone in cybersecurity knows, one of the biggest obstacles to identifying and remediating threats quickly is the sheer volume of data to sift through. Duplicate data is a common cause of wasted effort and, particularly in larger environments, this can cause significant time delays and critical setbacks to mitigation. Vulnerability and risk management data… Continue reading Vulnerability Clusters with Vulcan Cyber

More Exchange Server vulnerabilities? First officer’s blog – week 19

First Officer’s log, Terrestrial date, 20221003. Officer of the Deck reporting.   We’ve gotten a final favorable report on the planetary defense network update on [REDACTED] from Lieutenant [REDACTED] and will be returning there to recover the team shortly. To the delight of the planetary government, the team was able to finish on time and within… Continue reading More Exchange Server vulnerabilities? First officer’s blog – week 19

CVE-2007-4559 revival and more: first officer’s blog – week 18

First Officer’s log, Terrestrial date, 20220926. Officer of the Deck reporting.   We have been getting steady mission updates from the team on [REDACTED] and they are making admirable progress. However, it has not been without complications. I may have to put Lieutenant [REDACTED] in for a commendation for her not taking a Phaser to some… Continue reading CVE-2007-4559 revival and more: first officer’s blog – week 18

Cisco End-of-Life threat and more: first officer’s log – week 17

First Officer’s log, Terrestrial date, 20220919. Officer of the Deck reporting.   Ongoing communications from the mission team on [REDACTED] have shown steady progress, but the project has been running into more and more unexpected complexity. Though, in hindsight, we should have expected at least this much of a challenge.  The people of [REDACTED] are technically… Continue reading Cisco End-of-Life threat and more: first officer’s log – week 17

A VMware vulnerability, security for AI: first officer’s blog – week 14

First Officer’s log, Terrestrial date, 20220829. Officer of the Deck reporting. The ship’s new communications interface has come online, thanks to the dedication of crew members in multiple departments. With our mission to help worlds across the Federation, and beyond, use their own integrated defenses to stay secure, we are hoping the new interface will… Continue reading A VMware vulnerability, security for AI: first officer’s blog – week 14

Qakbot, Luca Stealer, and more: first officer’s blog – week 11

First Officer’s log, Terrestrial date, 20220801. Officer of the Deck reporting.   Our presentations on 20220727 were quite successful, with mission professionals attending virtually from across the planet. It is always gratifying to know that people appreciate the work we do to support the mission and are willing to come and participate in a mission-focused… Continue reading Qakbot, Luca Stealer, and more: first officer’s blog – week 11

CVE-2022-26138 and more: first officer’s blog – week 10

First Officer’s log, Terrestrial date, 20220825. Officer of the Deck reporting.   The crew is preparing for a series of presentations on Terrestrial date 20220827 at the CyberRisk Summit, where many of the senior officers will discuss our mission with representatives of the worlds we serve, and, hopefully, will serve in the future. It’s a reminder… Continue reading CVE-2022-26138 and more: first officer’s blog – week 10

An Instagram hack and the rise of purple teams: first officer’s blog – week 9

First Officer’s log, Terrestrial date, 20220818. Officer of the Deck reporting.    A great deal of our mission happens behind the scenes. It is the very nature of a support ship, after all. And this last cycle has been no exception. Though, it seems that more of our mission has been behind the scenes this last… Continue reading An Instagram hack and the rise of purple teams: first officer’s blog – week 9

Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

First Officer’s log, Terrestrial date, 20220811. Officer of the Deck reporting. The ship is back to normal operation and our patrol continues. As a support vessel, we are often in a position to “clean up the mess” discovered, or sometimes instigated, by the ships engaged in First Contact situations. They get all the glory. And… Continue reading Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

First Officer’s log, Terrestrial date, 20220804. Officer of the Deck reporting. The Captain has authorized liberty call for much of the crew to take part in a local Independence Day celebration. Apparently, the world separated from their colonial power after a disagreement over some beverage imports. It is quite a big deal for the locals… Continue reading LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7