As the holiday season approaches, my family has a tradition of watching all of our favorite holiday movies—my favorite being Home Alone. It is the time for festive decorations, eggnog, and large heartwarming feasts with family and friends. Sadly, though, it is going to take a lot more than your aunt’s mystery casserole to ward […]
The curtain has fallen on the third quarter (Q3) of 2022, and it’s time to report the trends and highlights gleaned from Digital Shadows (now ReliaQuest)’ vulnerability intelligence. Q3 was characterized by dozens of zero-day vulnerabilities, including the continued exploitation of the high-profile Follina vulnerability (CVE-2022-30190) that debuted in the second quarter of 2022. For […]
It was a dark and stormy DEFCON. Water leaked from the ceilings onto the casino floors and lightning flashed across the sky. With over 25k attendees, Las Vegas was raining hackers. If you were not swept away in the storm in Las Vegas, you surely felt the flood of new vulnerability fixes on August’s Patch […]
Picture this, you are an analyst working in a large security operations center (SOC) responding to an overwhelming amount of alerts each day. A large portion of the alerts are false positives, but you have to be sure so each one requires your attention. After a while, complacency sets in, and impactful alerts are missed. […]
There is a saying derived from Western movies that say whoever draws first, loses the duel. Nick Bohr, a famous physicist, once said that it takes more time to initiate a movement than to react to one. People are very reactive by nature. In vulnerability management, there is a lot of pressure to quickly react […]
One month ago, the Russian government began the invasion of Ukraine, triggering one of the most severe security crises in Europe since the collapse of the Soviet Union in 1992. The Photon Intelligence Team has been constantly analyzing the development of this war, providing assessment about the involvement of hacktivism in this conflict, practical advice […]
Digital Shadows (now ReliaQuest)’ new vulnerability intelligence capability brings a unique context to CVEs. Armed with this intelligence, security teams can better prioritize their vulnerability management efforts. Beyond CVSS Scoring More than 20,000 vulnerabilities were reported in 2021 – vulnerabilities that attackers are rapidly incorporating into their campaigns. When new vulnerabilities are announced, speed of […]