Author: Tim Morgan

    Windows Service Permissions and DLL Sideloading

    March 28, 2024
    As any seasoned security professional knows, many published security vulnerabilities and attacks are over-hyped. What makes something newsworthy is not always that it poses a significant risk to most organizations. If an attack doesn’t appear to be technically sophisticated, it will often be overlooked.

    DeepSurface RiskAnalyzer 3.0 – The Launch of Remediation Workflow

    October 24, 2022
    Most of our development time is focused on the application of risk-based vulnerability management: DeepSurface does the math (there’s a lot of math) and shows you which vulnerabilities carry the greatest risk in your environment, and why.  People frequently respond to a demo of DeepSurface with, “That’s amazing… but what do I do next?”

    Why Moving Beyond CVSS Scores is a Business Imperative

    July 27, 2022
    Organizations today find themselves at a critical turning point in the evolution of their vulnerability management efforts. New vulnerabilities are being published more quickly than teams can credibly analyze and remediate them (currently greater than 75 per day), while at the same time a serious talent shortage has developed. According to CyberSeek, the U.S. cybersecurity workforce has over 950,000 workers, with approximately 465,000 open positions.

    4 Signs Your Vulnerability Risk Analysis Process is Outdated

    July 13, 2022
    With increasing online threats and a massive shift to remote work over the past two years, it’s no surprise that cybersecurity risks are a top concern for businesses in 2022. Cyber incidents top the Allianz Risk Barometer for the “most important global business risk” in 2022, accounting for 44% of the survey’s responses.

    Computing Context is Everything

    May 23, 2022
    It’s January 14, 2020. Patch Tuesday. Your CIO wants to know: “How does that RDP vulnerability I saw in the news affect us?” “Well, which RDP vulnerability are you talking about, boss?” Never mind; it’s still a good question. You dig deeper.

    Quantifying Risks of Remote Workers

    May 23, 2022
    With everyone working from home and IT teams struggling to scale up their infrastructure, how are you accounting for risk?

    Compliance and Cyber Security Risk Reduction Don’t have to be Enemies

    February 8, 2022
    How to design a Cyber Vulnerability Management program that maximizes the ROI of your team’s work to be compliant and maximize the reduction of business risk at the same time.

    DeepSurface 2.7

    December 15, 2021
    We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.7!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.

    A View of PrintNightmare Through the Lens of Prioritization

    November 29, 2021
    Now that the dust has settled around CVE-2021-34527, also known as PrintNightmare, we thought we’d use it as an example of how DeepSurface can reprioritize even the highest priority vulnerabilities, saving you and your patch team hours of effort.  For this blog post, you don’t need to know anything about PrintNightmare other than it was nearly ubiquitous, there are dozens of exploits in the wild, and that it’s fairly easy to remediate.

    Announcing DeepSurface 2.6

    November 16, 2021
    We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.6!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.

    DeepSurface Security Advisory: LPE in Firefox on Windows

    September 28, 2021
    Firefox is vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Firefox users using the same Windows system. Mozilla was contacted through our responsible disclosure program and provided with full technical details, but has ultimately chosen not to fix this vulnerability.

    DeepSurface Security Advisory: LPE in Adobe Reader on Windows

    September 16, 2021
    Older versions of Adobe Acrobat Reader are vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Acrobat Reader users using the same Windows system. Through our responsible disclosure program, Adobe was contacted and provided a fix for this issue. Adobe also issued CVE-2021-35982 to track the vulnerability.

    DeepSurface 2.4

    August 13, 2021
    We’re excited to announce our latest version of the DeepSurface product – DeepSurface 2.4. The latest version of our vulnerability management platform expands our reporting capabilities with reports exportable to XLSX and PDF, making it even easier to report your vulnerable hosts and missing patches, and adds support for Thycotic Secret Server PAM, easier setup/administration including emailing of generated reports, and enhancements to our Windows agent.

    DeepSurface Security Advisory: LPEs in Node.js on Windows (CVE-2021-22921)

    July 2, 2021
    Node.js is a popular back-end JavaScript runtime environment built on the V8 engine. As part of our internal security research, we discovered numerous products in production environments installed with insecure permissions. One of these products was Node.js, and we decided to investigate further.

    DeepSurface Security Advisory: Local Privilege Escalation in RabbitMQ on Windows (CVE-2021-22117)

    June 9, 2021
    RabbitMQ is a popular open source message broker, used worldwide by companies like T-Mobile and SolarWinds. Its flexibility and speed make it easy to integrate with other applications, such as SolarWinds Orion Platform. Since we previously reported CVE-2021-29221 against the popular programming language Erlang, we suspected RabbitMQ would be vulnerable to a similar local privilege escalation attack.

    DeepSurface Security Advisory: Local Privilege Escalation in Confluence on Windows

    June 2, 2021
    Atlassian Confluence Server is a popular web-based corporate content management system, allowing remote teams to collaborate efficiently on projects. With over sixty thousand customers including Docker, LinkedIn, and Twilio, vulnerabilities in Confluence could have a significant impact on a large user base.

    Announcing DeepSurface 2.2!

    June 1, 2021
    Today, we’re excited to announce the release of DeepSurface 2.2! Release 2.2 brings some exciting new features and changes in the form of tags and some UI/UX updates that make the product even easier to use.

    Announcing DeepSurface 2.1!

    April 30, 2021
    We’re thrilled to announce DeepSurface 2.1, an improvement on DeepSurface 2.0 that makes it even easier to use. We’ve reorganized some things and added different nomenclature for increased efficiency, allowing you to discover and remediate risk even faster.

    DeepSurface Security Advisory: Local Privilege Escalation in Octopus Deploy on Windows (CVE-2021-26556)

    April 13, 2021
    Octopus Deploy is a popular DevOps automation platform that enables teams to more efficiently manage configuration, API keys, and permissions. Octopus Server allows users to self-host this platform, and is installed as a service on the host. This service runs as Local System and is a very impactful target for local privilege escalation exploits.

    DeepSurface 2.0 — What’s New, and a Peek at What’s Next

    April 6, 2021
    Our mission is to equip cybersecurity teams with the best predictive vulnerability prioritization platform and allow them to quickly identify and reduce more cybersecurity risk every day. To that end, we’re proud to announce the release of DeepSurface 2.0!

    DeepSurface Security Advisory: Local Privilege Escalation in Erlang on Windows (CVE-2021-29221)

    April 4, 2021
    Erlang is a popular general-purpose programming language and runtime environment, with support for concurrency commonly found on many distributed systems. When distributed on Windows machines, the Erlang emulator can also be run as a service with the erlsrv.exe command. This seems to be commonly used with popular software, such as CouchDB.