RSS Security

πŸ”’
❌ About FreshRSS
There are new articles available, click to refresh the page.
Before yesterdayVerSprite

Google Fuchsia OS Sets a New Standard for Operating System Security

20 July 2021 at 12:23

Google's newest OS, Fuchsia, is praised as being more secure than others already on the market. In this article and video, VerSprite dives into Google's Fuchsia OS to determine why the architecture and microkernel allow it to be more secure than Android, Apple, or Windows.

The post Google Fuchsia OS Sets a New Standard for Operating System Security appeared first on VerSprite.

Understanding Physical and Cyber Threats to the Financial Sector

As physical and cyber attacks increase against the financial industry, Versprite's Threat Intelligence Group has been tracking the patterns attackers leave. In this article, VerSprite uses an attack tree to map the top methods, motives, and threat organizations the financial industry should be aware of.

The post Understanding Physical and Cyber Threats to the Financial Sector appeared first on VerSprite.

VerSprite Receives 2021 Exceptional Workplace Award from The Startup Weekly

1 July 2021 at 14:27

VerSprite Security Consulting receives the 2021 Exceptional Workplace Award presented by The Startup Weekly. VerSprite was chosen was due to our commitment to fostering employees’ career growth, prioritizing work-life balance, and cultivating a family-like atmosphere through our leadership and internal learning. Learn how we promote individual success within a remote work environment.

The post VerSprite Receives 2021 Exceptional Workplace Award from The Startup Weekly appeared first on VerSprite.

Udemy Partners with VerSprite for Advanced Penetration Testing

28 June 2021 at 16:02

In this case study, Udemy's Director of Information Security gives an inside look at how he uses VerSprite's advanced penetration tests to shape their security measures and why it's critical for online learning organizations to engage outside testing.

The post Udemy Partners with VerSprite for Advanced Penetration Testing appeared first on VerSprite.

Defeating Ransomware Starts at the Botnet

15 June 2021 at 08:10

Ransomware attacks continue to increase but most teams can't detect the threat in their network until they are too late in the cyber kill chain to stop it. VerSprite's Threat Intelligence Director argues early botnet detection prevents ransomware attack more effectively and shows how VerSprite's BreachSeeker tool can help catch botnet infections up to 42 days before ransomware strikes.

The post Defeating Ransomware Starts at the Botnet appeared first on VerSprite.

Prevent Ransomware with Early Botnet Detection from VerSprite’s BreachSeeker

10 June 2021 at 20:09

VerSprite's BreachSeeker can detect organizations that will targeted by ransomware attacks up to 42 days before they're hit. Evolve your security by integrating early botnet detection into your defense strategy. Request a ransomware strategy call with our Threat Intelligence team today.

The post Prevent Ransomware with Early Botnet Detection from VerSprite’s BreachSeeker appeared first on VerSprite.

VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router

4 June 2021 at 15:09

VerSprite's Security Research team found a high-risk vulnerability in NETGEAR's popular gaming router. This vulnerability analysis details more on the risk level, disclosure timeline, the ZEBRA daemon vulnerability, and patch information.

The post VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router appeared first on VerSprite.

Opto 22 PAC Control Basic

23 April 2021 at 14:23

VerSprite's Vs-Labs uncovered an unpatched zero-day in the Opto 22 PAC Control Basic software. This advisory is for CVE-2021-30495 affects version R10.3003.

The post Opto 22 PAC Control Basic appeared first on VerSprite.

Unpatched Security Vulnerability in OPTO 22 PAC Basic Software

23 April 2021 at 14:07

This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite's security research team within Razer's Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.

The post Unpatched Security Vulnerability in OPTO 22 PAC Basic Software appeared first on VerSprite.

Razer Synapse 3 Permissions Vulnerability

13 April 2021 at 17:58

Razer Synapse 3's permissions assignment bug is allows for Denial of Service (DoS) attacks. This CVE-2021-30493 affects version 3.5.1030.101917.

The post Razer Synapse 3 Permissions Vulnerability appeared first on VerSprite.

Razer Synapse 3

13 April 2021 at 17:51

Razer Synapse 3's incorrect permissions assignment vulnerability is allows for Denial of Service (DoS) attacks. This CVE-2021-30494 affects version 3.5.1030.101917.

The post Razer Synapse 3 appeared first on VerSprite.

Razer Synapse 3 Security Vulnerability Analysis Report

13 April 2021 at 14:04

This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite's security research team within Razer's Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.

The post Razer Synapse 3 Security Vulnerability Analysis Report appeared first on VerSprite.

DevSecOps: Automating Security Testing in a CI/CD Pipeline

8 April 2021 at 17:59

In this tutorial, VerSprite's DevOps team walks you through how to automate SAST into your CI/CD pipeline

The post DevSecOps: Automating Security Testing in a CI/CD Pipeline appeared first on VerSprite.

Red Hat Linux iSCSI Subsystem Vulnerability Report

12 March 2021 at 13:12

In this Zero Day Report, VerSprite was asked to provide proof of concept for a Red Hat Enterprise Linux zero day found by GRIMM. Get the full PoC, CVEs, remediation, and business impact report.

The post Red Hat Linux iSCSI Subsystem Vulnerability Report appeared first on VerSprite.

Blind Spots in Security Awareness Training Programs

4 March 2021 at 11:39

In this article, VerSprite's Offensive Security team highlight the blindspots standard security training create that allows social engineering attacks to be successful at all levels in an organization.

The post Blind Spots in Security Awareness Training Programs appeared first on VerSprite.

Companies Using VMware ESXi Are Being Targeted by Ransomware

19 February 2021 at 12:00

Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite's Threat Intelligence Group.

The post Companies Using VMware ESXi Are Being Targeted by Ransomware appeared first on VerSprite.

Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane

11 February 2021 at 17:51

In the last iteration of our four-part series, VerSprite's security researchers examine real-world examples of reversing and exploiting Windows named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through static analysis.

The post Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane appeared first on VerSprite.

Vendor Risk Assessment Services vs. Third-Party Risk Management Software (VRA vs. TPRM)

8 February 2021 at 12:31

What's the best practice to manage third-party vendor risks? In this eBook, VerSprite's GRC team compare 7 factors to help you determine if Third-Party Risk Management software (TPRM) or Vendor Risk Assessment services (VRA) is right for you. Included: VRM Checklist

The post Vendor Risk Assessment Services vs. Third-Party Risk Management Software (VRA vs. TPRM) appeared first on VerSprite.

Fintech Cybersecurity Case Study CreditShop

26 January 2021 at 01:40

In this case study, CreditShop's CISO gives an inside look at how he uses red teaming exercises to shape their security roadmap and why it's critical for financial organizations to go beyond security compliance.

The post Fintech Cybersecurity Case Study CreditShop appeared first on VerSprite.

❌