Keeping Pace with the Ransomware Landscape
Last September, the RiskSense team published our first Spotlight Report focused on the rise of ransomware. Specifically, the report focused on the newer breed of ransomware that strategically focuses on network-wide attacks on enterprise, government, and...
Getting Proactive About Defending Government Agencies From Ransomware
2019 has set a new high water mark for ransomware and it is no secret that state and local governments have taken the brunt of the damage. Government agencies and school districts often have much smaller security budgets and fewer IT staff compared to more...
Which Vendors Have the Biggest Impact on Ransomware Risk?
We recently published our latest Spotlight Report, which takes a long look into the vulnerabilities used by ransomware in real-world attacks against enterprises and state and local governments. This was a particularly interesting report to be a part of...
Hidden Gems in Windows: The Hunt is On
The process of dumping LSASS (Local Security Authority Subsystem Service) is not a new attack and is well known; however, this specific vector is interesting because all of the tools required to pull this off are already bundled with the Windows operating...
Enterprise Ransomware In The Spotlight
Ransomware is in the midst of a massive resurgence, and in most cases, enterprises are the prime target of attack. Unlike the more opportunistic and consumer-focused ransomware of the past, these newer campaigns have become more targeted, patient, and have...
BlueKeep (CVE-2019-0708): From Rumor to Reality
Microsoft Windows Remote Desktop Protocol (RDP) is a built-in service that facilitates logging into the Windows GUI of another computer over the network, by default on TCP port 3389. On 14 May 2019, the public's attention was drawn toward patching the...
The Art and Science of Predicting Weaponization
As threats have become more sophisticated and have increasingly turned to more adaptive and continuous approaches to security such as Gartner’s Adaptive Security Architecture. This model breaks security into the high-level categories of Prevent,...
Finding and Patching the Microsoft ‘BlueKeep’ Vulnerability (CVE-2019-0708)
This past week a serious vulnerability that affects some older versions of Windows, CVE-2019-0708, was disclosed for which Microsoft has produced a patch. This vulnerability in Remote Desktop Services (aka Terminal Services) could allow an...
Adobe Spotlight Research Report – 2018 Vulnerability Weaponization Top Concern
At RiskSense, part of our mission is to remove the data overload that boils down to reducing the workload on security and IT teams. We take the thousands of vulnerabilities generated by scanners and distil it down to the handful of issues with...
Risk Assessment in a Continuous Vulnerability Management Program
The key to any vulnerability management program is the IT organization’s ability to assess the level of risk that vulnerabilities pose to the business. The better the assessment, the better able the organization will be to prioritize...
Featured Authors
Contact us at +1 505-217-9422
© 2020 RiskSense, Inc. All rights reserved.
Legal Notices, Privacy Policy, and Customer Agreements | Site Map