Which Vendors Have the Biggest Impact on Ransomware Risk?
We recently published our latest Spotlight Report, which takes a long look into the vulnerabilities used by ransomware in real-world attacks against enterprises and state and local governments. This was a particularly interesting report to be a part of...
Hidden Gems in Windows: The Hunt is On
The process of dumping LSASS (Local Security Authority Subsystem Service) is not a new attack and is well known; however, this specific vector is interesting because all of the tools required to pull this off are already bundled with the Windows operating...
Enterprise Ransomware In The Spotlight
Ransomware is in the midst of a massive resurgence, and in most cases, enterprises are the prime target of attack. Unlike the more opportunistic and consumer-focused ransomware of the past, these newer campaigns have become more targeted, patient, and have...
BlueKeep (CVE-2019-0708): From Rumor to Reality
Microsoft Windows Remote Desktop Protocol (RDP) is a built-in service that facilitates logging into the Windows GUI of another computer over the network, by default on TCP port 3389. On 14 May 2019, the public's attention was drawn toward patching the...
The Art and Science of Predicting Weaponization
As threats have become more sophisticated and have increasingly turned to more adaptive and continuous approaches to security such as Gartner’s Adaptive Security Architecture. This model breaks security into the high-level categories of Prevent,...
Finding and Patching the Microsoft ‘BlueKeep’ Vulnerability (CVE-2019-0708)
This past week a serious vulnerability that affects some older versions of Windows, CVE-2019-0708, was disclosed for which Microsoft has produced a patch. This vulnerability in Remote Desktop Services (aka Terminal Services) could allow an...
Adobe Spotlight Research Report – 2018 Vulnerability Weaponization Top Concern
At RiskSense, part of our mission is to remove the data overload that boils down to reducing the workload on security and IT teams. We take the thousands of vulnerabilities generated by scanners and distil it down to the handful of issues with...
Risk Assessment in a Continuous Vulnerability Management Program
The key to any vulnerability management program is the IT organization’s ability to assess the level of risk that vulnerabilities pose to the business. The better the assessment, the better able the organization will be to prioritize...
AI Is Changing the Threat Landscape
Vendors are beginning to incorporate artificial intelligence (AI) and machine learning (ML) capabilities into their cybersecurity tools, enabling those tools to do everything, from automating aspects of penetration testing to monitoring...
Use AI to Improve Penetration Testing
The most effective penetration testing methods combine threat intelligence, vulnerability scanning, and human expertise to validate the criticality of vulnerabilities through simulated attacks on an IT environment. Security professionals are now...