Security Team Intelligence

Vulnerability prioritization tools (VPTs) aren’t new technology by any stretch. They’ve been around for over ten years at this point….

When evaluating any software solution for purchase, ROI is one of the most crucial parts of that evaluation. Without communicating…

Another day goes by, another latest and greatest security breach affects the cryptocurrency world. The attacks range from phishing campaigns…

So, you’re looking to take your vulnerability management game to the next level with a vulnerability prioritization tool (VPT). Well,…

Under the umbrella of risked-based vulnerability management (RBVM) live a host of tools who’s applications correspond to various stages of…

NopSec has been in the risk-based vulnerability management (RBVM) game for 10 years now. Over the course of this decade…

When it comes to cybersecurity, there are two points of view to always consider – the external and the internal….

If you’re new to cybersecurity technology or looking to mature your program you’ll quickly come across vulnerability prioritization tools in…

The Problem with Vulnerability Assessment Scanners If you’re reading this post, chances are you’re looking to take the next step…

Vulnerability Management programs produce a lot of data about the vulnerabilities and remediation efforts. Due to this, it is very…

What is Full Stack Vulnerability Management? Full stack vulnerability management utilizes a variety of vulnerability scanner types to identify and…

Vulnerability management’s cornerstone is largely going to revolve around setting up and managing your infrastructure scanner in order to find,…

Choosing a risk-based vulnerability management (RBVM) solution can be daunting. Where do you begin? What features are available, and what…

Vulnerability management is an ongoing, iterative process. Companies with large cybersecurity teams can still struggle with proving the efficacy of…

CISA has recently issued a Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

Accurately assessing the risk of software vulnerabilities is critical in order to prioritize remediation efforts given limited remediation resources.  For…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

Categorizing and classifying vulnerabilities and attacks is important to understand how a vulnerability is exploited and how a breach unfolds…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

Securing computer systems is the ultimate big data problem.  Billions of computers generate roughly 2.5 quintillion bytes of data everyday. …

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

All Risk-Based Vulnerability Management (RBVM) platforms include integrations to multiple vulnerability assessment products. In addition to vulnerability findings and asset…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

Vulnerability Management is one of the less flashy or exciting parts of your cybersecurity department maintenance routine – but is…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

In its most basic form, security is about protecting people and systems from harm. Increasingly, our security depends on our…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

The State of Vulnerability Management report, recently released by NopSec, shows that while organizations are making strides in vulnerability management,…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa…

The CIS Security Controls, published by SANS and the Center for Internet Security (SIS) and formerly known as the SANS…

Today, we are excited to announce our new podcast — the Future of Vulnerability Management which is dedicated to helping…

Have you ever wondered what security professionals want most from their Vulnerability Management (VM) program? We have. In fact, we…

We talked previously about the need to use people, processes, and technology wisely to support your vulnerability risk management. Each element…

A new advisory from top federal security and law enforcement agencies warns that state-sponsored cyber actors from the People’s Republic…

We described in the previous blog post the difference between vulnerability management and risk management. A quick reminder: vulnerabilities are…

Businesses run fast to keep pace in a market that is ever dynamic, with new entries threatening to oust established…

Cybersecurity startups have had an incredible past couple of years.  In 2020, they raised $8.9 billion and last year, that…

Continuing our How to Build a VM Program series, this third installment breaks the working components of a program into…

As we said in the introduction to this series, cybercriminals are becoming increasingly sophisticated in their assaults, and the methods…

In the past, cybercriminals relied heavily on phishing to slip into an organization’s IT system to achieve their objectives. Recently,…

Cybersecurity metrics are a pertinent part of measuring the successes and failures of your program and the effectiveness of your…

Demonstrating the ROI of security investments has long been a challenge for SecOps teams. If an organization as a whole…

Still CVE-2019-14287 – Linux Sodo Vulnerability Linux Sodo Vulnerability, tracked as CVE-2019-14287, has been a nightmare for IT & cyber-security…

CVE-2019-14287 – Linux Sodo Vulnerability Description A flaw was found in the way sudo implemented running commands with arbitrary user…

CVE-2019-1367 – MICROSOFT ZERO-DAY VULNERABILITY – OUT-OF-BAND PATCH, Again Microsoft zero-day vulnerability is still trending on social media and we…

CVE-2019-16759 – vBulletin Remote Code Execution Description vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in…

CVE-2019-1367 – Microsoft Zero-Day Vulnerability – Out-of-band Patch Description A remote code execution vulnerability exists in the way that the…

CVE-2019-0708 – BLUEKEEP Exploit Has Been Released The BlueKeep vulnerability, tracked as CVE-2019-0708, has been a nightmare for IT &…

Still CVE-2019-11510 – Pulse Secure VPN CVE-2019-11510 has been a nightmare for IT & cyber-security teams for the past 2…

CVE-2019-11510 – Pulse Secure VPN Description  In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before…

CVE-2019-1181 – Wormable Windows Remote Desktop Flaw  Description  A remote code execution vulnerability exists in Remote Desktop Services – formerly…

CVE-2019-1125 – SWAPGS Vulnerability Description  An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An…

My work as Senior Product Designer here at NopSec has given me a unique view of the industry landscape, as…

CVE-2019-13272 – Linux Kernel Privilege Escalation Vulnerability Alert Description  In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the…

CVE-2019-2107 – Android devices could be hacked by playing a video Description  This vulnerability could lead to remote code execution…

CVE-2019-6342 – Drupal Core Access Bypass Vulnerability Description  According to its self-reported version, in Drupal 8.7.4, when the experimental Workspaces…

CVE-2019-1132 – Win32k Elevation of Privilege Vulnerability Description  An elevation of privilege vulnerability exists in Windows when the Win32k component…

CVE-2017-11774 – Microsoft Outlook Security Feature Bypass Vulnerability Description  A security feature bypass vulnerability exists when Microsoft Outlook improperly handles…

Again, CVE-2019-0708 – BlueKeep – Wormable RDP Vulnerability The BlueKeep vulnerability, tracked as CVE-2019-0708, has been a nightmare for IT…

CVE-2019-11477 – SACK Panic Remote Command Execution Flaw in Exim is still trending on social media and we extensively covered…

CVE-2019-10149 – Remote Command Execution Flaw in Exim The BlueKeep vulnerability is still the number one trending vulnerability on social…

CVE-2018-15664 – Docker Vulnerability The BlueKeep vulnerability is still trending on social media and we extensively covered CVE-2019-0708 in May…

IT Vulnerability Ownership, Part 2: Find early adopters Telling people what to do gets nowhere fast. I even have to…

Still CVE-2019-0708 – BlueKeep – Wormable RDP Vulnerability The BlueKeep vulnerability, tracked as CVE-2019-0708, has been a nightmare for IT…

CVE-2019-0708 – BlueKeep – Wormable RDP Vulnerability NopSec advises you to apply patches immediately. Description CVE-2019-0708 is a critical remote…

CVE-2019-0604 – Microsoft SharePoint Remote Code Execution Vulnerability Description A remote code execution vulnerability exists in Microsoft SharePoint when the…

CVE-2019-3396 – Widget Connector Macro in Atlassian Confluence Server Last week, we covered CVE-2019-2725 which was a vulnerability in the…

CVE-2019-2725 – Oracle WebLogic Server Zero-Day Vulnerability Description CVE-2019-2725 is a vulnerability in the Oracle WebLogic Server component of Oracle…

CVE-2019-0859 – Yet Another Windows Zero-Day Vulnerability Last week, we covered an elevation of privilege vulnerability in Win32k component of…

CVE-2019-0859 – Yet Another Windows Zero-Day Vulnerability Description This week’s trending vulnerability may sound eerily familiar. CVE-2019-0859 is an elevation…

IT Vulnerability Ownership, Part 1: Problem, benefits to solving it, and understand its roots Running a successful vulnerability management program…

CVE-2019-0211 – Carpe Diem – Apache Local Privilege Escalation Vulnerability Description This week’s trending vulnerability is CVE-2019-0211, a local privilege…

CVE-2019-1002101 – Kubernetes Directory Traversal Description Back in February, we talked about a malicious container ‘break out’ vulnerability in runc…

CVE-2019-5418 – Ruby on Rails File Content Disclosure Vulnerability Description This week’s trending vulnerability, CVE-2019-5418, is a file content disclosure…

CVE-2019-0797 – Windows Zero-Day Vulnerability Description CVE-2019-0797 is one of the three zero-day vulnerabilities (one in Chrome, the other two…

Snow flurries were a welcome change in New Jersey from last month’s high gust winds. I often multitask my dog…

Google Chrome Zero-Day Vulnerability (CVE-2019-5786) & Two New Actively Exploited Windows Zero-Day Vulnerabilities Description On February 27th, security engineers from…

Updates on Drupal (CVE-2019-6340) & A New Improper Input Validation Flaw Leading to RCE in Cisco Routers (CVE-2019-1663) The improper…

This is the final post in this six-part series. You can find the previous posts below. Time is Money, Part…

CVE-2019-6340 – Improper Input Validation Leading to Remote Code Execution in Drupal This week’s most tweeted-about vulnerability is a, yet…

CVE-2019-5736 – Malicious Container “Break Out” Vulnerability in Runc Last week, we extensively covered a security flaw in runc –…

This is part five in a six-part series. You can find the previous posts below. Time is Money, Part 1:…

Here at NopSec our goal is to provide the most intelligent, automated way of managing cybersecurity risk in enterprise environments….

CVE-2019-5736 – malicious container “break out” vulnerability in runc If you follow cybersecurity news at all, you have likely already…

CVE-2019-1653 (Cisco Routers information disclosure), CVE-2018-16858 (LibreOffice directory traversal bug) It has been a relatively slow week as we have…

This is part four in a six-part series. You can find the previous posts below. Time is Money, Part 1:…

This is part three in a six-part series. You can find the previous posts below. Time is Money, Part 1:…

This week’s most talked about vulnerability is CVE-2019-1653. It is an information disclosure vulnerability affecting web-based management interface of Cisco…

CVE-2018-15982 is a use after free zero-day vulnerability in Adobe Flash Player (versions up to 31.0.0.153) which can result in…

This is part two in a six-part series. You can find the first in this series here, which lists the…

Time is Money is a six-part series we’re going to post throughout the first few months of 2019. We’ll also…

We’re living through the gold rush of information security. The awareness and importance of information (or cyber) security has never…

The updated PCI 3.2 requirements are coming to a head with a deadline this February 1st, 2018. While we’re sure…

The first traditional deadline is coming to a close this month for compliance with the NYDFS Cybersecurity Regulations. Please note that…

Silos exist in all levels and all types of organizations. Different teams naturally have different priorities, methodologies, and more, though…

The “password” is one of those seemingly foolproof ways to protect your online valuables. Like a secret word between you…

What’s the quickest way to a hacker’s heart? Make sure your business email password is “Password123.” Or perhaps “Summer2017” if…

If you’re in the financial industry (or working as a provider with such organizations), you most likely have already heard…

Cybersecurity is finally gaining the attention it’s due. From whistleblowers to major data breaches, issues once kept strictly in the…

Organizations seeking to improve their security posture and meet regulatory or audit compliance requirements must consider implementing role based access control (RBAC).

Here at NopSec, we’ve spoken with a number of financial organizations about where they are in the process of meeting…

How can I find security people, how do I deal with budget and time, how should I prioritize, what will…

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? What if the…

When new cybersecurity regulations from the New York Department of Financial Services (NYDFS) take effect on March 1, 2017, financial institutions will…

Compliance isn’t enough for healthcare organizations. For years, we have equated compliance with effective vulnerability risk management. This is simply…

Most small and medium business owners believe that cyber criminals only target large businesses and corporations. They couldn’t be more…

Time and again, we hear from information security leaders who have invested in vulnerability risk management (VRM) technology and are…

On March 23rd 2016, I had the pleasure to participate in the Inaugural 2016 National Conference of Minority Cybersecurity Professionals…

According to recent research over 60 percent of survey participants stated their executives are only “somewhat” or “not at all” informed about…

OpenVAS (Open Vulnerability Assessment Scanner) – is an open source security vulnerability scanner and manager. It is an open source…

Most of our customers’ security analysts are called on a monthly basis (or more often) to deliver a presentation of…

Penetration tests are point-in-time adversarial tests aimed at testing the intrusion prevention, detection, and incident response capabilities and controls of an…

In the previous blog post here, we described the GHOST Linux glibc vulnerability in details and its repercussions to the…

The term “security breach,” and other similar phrases, have become commonplace. This year alone we have seen the data of…

No industry is immune to IT security breaches and it seems that retailers have been in the spotlight of late….

Understanding how to effectively evaluate and select a penetration testing vendor can be a challenging exercise. Frequently the problem comes…

Security risks to information systems and sensitive data are expanding at a rate that can outpace an organization’s technical resources…

As penetration testers know, spending nights awake to probe networks, servers and applications is common practice. For companies completing vulnerability…

With any technology investment, budget is a core part of the decision criteria. IT security departments are expected to do…

Many federal regulations such as GBLA, HIPAA and PCI require an annual penetration test. Customers often ask for our penetration testing services in…

This is the time of the year that we get a lot of inquiries about performing an annual penetration test….

The SANS 20 Critical Security Controls are prioritized mitigation steps to improve cybersecurity. Coordinated through the SANS Institute, many companies with…

As we have reached the end of this blog post series on SANS 20 Critical Controls, this one is definitely…

In this installment of our SANS 20 Critical Security Controls, I bundled three controls together simply because they are very…

Have you ever considered what is the venue most attackers use to infiltrate target systems? In terms of percentage, certainly…

This week we come back with our blog series on SANS 20 Critical Controls and focus on Audit Logs and Controlled…

As we are getting ready to descend for a couple of days to Vegas for Black Hat / DefCon /…

Another very important area of an organization’s security program is its application security roadmap. We all know that web and…

There’s a quote attributed to Fabio Massacci, professor of information systems and security at the University of Trento in Italy…

In a system there is no privilege that is higher than administrative privileges. In Unix and Linux world, this is…

Exposure level and Risk level are directly proportional to each other! Ports, protocols and services are entry points and mechanisms…

Why all graphical representations of a network firewall include a wall with flames? Do you have to set a wall…

On this blog post of the SANS Critical Control series I comment on two critical controls that at the first…

Wireless networks have always been a “no man’s land” in terms of security and appropriate configuration. Some of the most…

As part of SANS 20 Critical Security Controls mapping with Unified VRM series, today I am going to discuss Critical…

In this latest installment of this blog series, I am going to analyze how to implement the SANS Critical Control…

In the previous two blog posts I have been addressing Control 1 and Control 2 in the SANS Critical Security…

Yesterday, I published the first blog post on mapping SANS 20 critical security controls to Unified VRM. The post dealt…

I loved the opening paragraph in a recent article titled, “How Attackers Choose Which Vulnerabilities To Exploit” by Michael Cobb,…

Penetration testing is one of the services that we offer NopSec customers. A vulnerability assessment and penetration test provide an…

We observe a common misconception that companies believe they are doing “vulnerability management” when, more often than not, they are…