A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

The CyberRisk Summit is back! RSVP for free for our live event | November 20 >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo

A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

The CyberRisk Summit is back! RSVP for free for our live event | November 20 >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo
Get a demo

Author: Mike Parkin

CVE-2022-36067 and more: first officer’s blog – week 22

First Officer’s log, Terrestrial date, 20221024. Officer of the Deck reporting.   Working with the security operations team on Starbase 42 has been an interesting experience. And by interesting, I mean it has presented some unique challenges that can only come from an organization that grew organically and didn’t always follow the best practices.  While it… Continue reading CVE-2022-36067 and more: first officer’s blog – week 22

CVE-2022-40684 and more: first officer’s blog – week 21

First Officer’s log, Terrestrial date, 20221017. Officer of the Deck reporting.   While most of the crew were enjoying the hospitality at Starbase 42, the captain and senior staff briefed the rest of the department heads on what caused our diversion here in the first place. Apparently, one of the starbase’s officers misplaced their combadge while… Continue reading CVE-2022-40684 and more: first officer’s blog – week 21

ProxyNotShell, MFA and more: first officer’s blog – week 20

First Officer’s log, Terrestrial date, 20221010. Officer of the Deck reporting.   While en route to [REDACTED] to pick up Lieutenant [REDACTED] and her team after their successful field mission, we have been redirected to Starbase 42. Apparently to answer some existential questions about life, or the universe, or something. The reason for the diversion is… Continue reading ProxyNotShell, MFA and more: first officer’s blog – week 20

More Exchange Server vulnerabilities? First officer’s blog – week 19

First Officer’s log, Terrestrial date, 20221003. Officer of the Deck reporting.   We’ve gotten a final favorable report on the planetary defense network update on [REDACTED] from Lieutenant [REDACTED] and will be returning there to recover the team shortly. To the delight of the planetary government, the team was able to finish on time and within… Continue reading More Exchange Server vulnerabilities? First officer’s blog – week 19

CVE-2007-4559 revival and more: first officer’s blog – week 18

First Officer’s log, Terrestrial date, 20220926. Officer of the Deck reporting.   We have been getting steady mission updates from the team on [REDACTED] and they are making admirable progress. However, it has not been without complications. I may have to put Lieutenant [REDACTED] in for a commendation for her not taking a Phaser to some… Continue reading CVE-2007-4559 revival and more: first officer’s blog – week 18

Cisco End-of-Life threat and more: first officer’s log – week 17

First Officer’s log, Terrestrial date, 20220919. Officer of the Deck reporting.   Ongoing communications from the mission team on [REDACTED] have shown steady progress, but the project has been running into more and more unexpected complexity. Though, in hindsight, we should have expected at least this much of a challenge.  The people of [REDACTED] are technically… Continue reading Cisco End-of-Life threat and more: first officer’s log – week 17

Malicious plugins, media industry at risk: first officer’s log – week 16

First Officer’s log, Terrestrial date, 20220912. Officer of the Deck reporting.   The mission team to [REDACTED] beamed down successfully and immediately got to work. Led by Lieutenant [REDACTED] and her specialist team, they contacted the local authorities and their planetary Coordinated Response Team then established a communications link with the ship so we could follow… Continue reading Malicious plugins, media industry at risk: first officer’s log – week 16

The new Google bug bounty and more: First officer’s blog – week 15

First Officer’s log, Terrestrial date, 20220905. Officer of the Deck reporting.   As a support vessel, specializing in integrating communications across a world’s disparate defense systems, we are usually called into action well after a world’s joined the Federation or, at least, well after the first contact team has done their work and moved on to… Continue reading The new Google bug bounty and more: First officer’s blog – week 15

A VMware vulnerability, security for AI: first officer’s blog – week 14

First Officer’s log, Terrestrial date, 20220829. Officer of the Deck reporting. The ship’s new communications interface has come online, thanks to the dedication of crew members in multiple departments. With our mission to help worlds across the Federation, and beyond, use their own integrated defenses to stay secure, we are hoping the new interface will… Continue reading A VMware vulnerability, security for AI: first officer’s blog – week 14

Mac hacked, Windows of opportunity: first officer’s blog – week 13

First Officer’s log, Terrestrial date, 20220822. Officer of the Deck reporting.   Several of the ship’s departments have been working diligently towards an updated communication interface, which will let the worlds we serve, and the ones we are ready to serve, better understand our mission and what we can do to improve their situations. It’s been… Continue reading Mac hacked, Windows of opportunity: first officer’s blog – week 13