The importance of asset visibility in the detection and remediation of vulnerabilities

Find out why CISA mandated vulnerability scanning and the role asset visibility plays in ensuring that security threats are detected. 

Digium Phones Under Attack and how web shells can be really dangerous

Learn about the dangers web shells have on Digium phones.

vSingle is abusing GitHub to communicate with the C2 server

Lazarus' advanced persistent threat (APT) operations use malware specially crafted for attacking financial institutions, espionage, and disruptive purposes.

The most dangerous vulnerabilities exploited in 2022

This article will spotlight some of the most dangerous vulnerabilities that threat actors exploited in the first half of 2022.

Follina — Microsoft Office code execution vulnerability

Microsoft tracked as CVE-2022-30190 a new vulnerability, also called “Follina,” that leverages Microsoft Office to lure victims and execute code without thei

Spring4Shell vulnerability details and mitigations

Spring4Shell is a remote code execution vulnerability (CVSS 9.8) published at the end of March 2022 that impacts Spring Framework.

How criminals are taking advantage of Log4shell vulnerability

This article will break down the modus operandi of the Log4shell vulnerability

Microsoft Autodiscover protocol leaking credentials: How it works

Explore how the Autodiscover protocol works and why your environment might be insecure and leak passwords to the internet.

How to write a vulnerability report

Find out how to write a good vulnerability report and why it's important to do well.

How to report a security vulnerability to an organization

Finding a bug is rewarding. But what do you do once you've found one?