In this article, VerSprite's Offensive Security team explore the difference between common security risk assessments (vulnerability assessment, penetration testing, and red teaming) as we walk you through real exploits we have used to test organizations' security protocols.
The post How VerSpriteβs Risk-Based Security Assessments Exposed Vulnerabilities Companies Never Imagined appeared first on VerSprite.
Sit back and listen to part 2 of our discussion on FireEye's breach, SolarWinds Sunburst supply chain attack. We'll cover updates, how to protect against supply chain attacks with organizational threat models, and debate on the risks and benefits of an open disclosure community.
The post VerSprite Cybersecurity Discusses Sunburst and Vendor Supply Chain Attacks appeared first on VerSprite.
Vietnam's government is the latest victim in a string of complex supply chain attacks. This attack targeted the VGCA using a backdoor trojan called PhantomNet. VerSprite's Threat Intelligence team give a brief overview of the important details you need to know.
The post Operation SignSight: Software Supply Chain Attack Hits Vietnamese Government appeared first on VerSprite.
Envisions Critical Threat Report 2021 identifies the top 6 global cybersecurity threats, challenges, and opportunities businesses will face. This report can be used as a powerful resource for organizations looking to evolve and refine their geo-cyber strategy.
The post Top 6 Cybersecurity Threats in 2021 appeared first on VerSprite.
In this video, Envisions author, Balam Mendoza, and VerSprite CEO, Tony UcedaVΓ©lez, discuss the major topics within our 2021 Threat Report and how security teams can use threat reports when planning their security protocols for the year.
The post 2021 Business Security Threats Briefing appeared first on VerSprite.
En este video, el autor de Envisions, Balam Mendoza, y el CEO de VerSprite, Tony UcedaVΓ©lez, discuten los principales temas de nuestro Informe de amenazas 2021 y cΓ³mo los equipos de seguridad pueden usar los informes de amenazas al planificar sus protocolos de seguridad para el aΓ±o.
The post Informe sobre amenazas a la seguridad empresarial 2021 appeared first on VerSprite.
In this case study, CreditShop's CISO gives an inside look at how he uses red teaming exercises to shape their security roadmap and why it's critical for financial organizations to go beyond security compliance.
The post Fintech Cybersecurity Case Study CreditShop appeared first on VerSprite.
What's the best practice to manage third-party vendor risks? In this eBook, VerSprite's GRC team compare 7 factors to help you determine if Third-Party Risk Management software (TPRM) or Vendor Risk Assessment services (VRA) is right for you. Included: VRM Checklist
The post Vendor Risk Assessment Services vs. Third-Party Risk Management Software (VRA vs. TPRM) appeared first on VerSprite.
In the last iteration of our four-part series, VerSprite's security researchers examine real-world examples of reversing and exploiting Windows named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through static analysis.
The post Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane appeared first on VerSprite.
Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite's Threat Intelligence Group.
The post Companies Using VMware ESXi Are Being Targeted by Ransomware appeared first on VerSprite.
In this article, VerSprite's Offensive Security team highlight the blindspots standard security training create that allows social engineering attacks to be successful at all levels in an organization.
The post Blind Spots in Security Awareness Training Programs appeared first on VerSprite.
In this Zero Day Report, VerSprite was asked to provide proof of concept for a Red Hat Enterprise Linux zero day found by GRIMM. Get the full PoC, CVEs, remediation, and business impact report.
The post Red Hat Linux iSCSI Subsystem Vulnerability Report appeared first on VerSprite.
In this tutorial, VerSprite's DevOps team walks you through how to automate SAST into your CI/CD pipeline
The post DevSecOps: Automating Security Testing in a CI/CD Pipeline appeared first on VerSprite.
This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite's security research team within Razer's Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.
The post Razer Synapse 3 Security Vulnerability Analysis Report appeared first on VerSprite.
Razer Synapse 3's incorrect permissions assignment vulnerability is allows for Denial of Service (DoS) attacks. This CVE-2021-30494 affects version 3.5.1030.101917.
The post Razer Synapse 3 appeared first on VerSprite.
Razer Synapse 3's permissions assignment bug is allows for Denial of Service (DoS) attacks. This CVE-2021-30493 affects version 3.5.1030.101917.
The post Razer Synapse 3 Permissions Vulnerability appeared first on VerSprite.
This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite's security research team within Razer's Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.
The post Unpatched Security Vulnerability in OPTO 22 PAC Basic Software appeared first on VerSprite.
VerSprite's Vs-Labs uncovered an unpatched zero-day in the Opto 22 PAC Control Basic software. This advisory is for CVE-2021-30495 affects version R10.3003.
The post Opto 22 PAC Control Basic appeared first on VerSprite.
VerSprite's Security Research team found a high-risk vulnerability in NETGEAR's popular gaming router. This vulnerability analysis details more on the risk level, disclosure timeline, the ZEBRA daemon vulnerability, and patch information.
The post VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router appeared first on VerSprite.
