Pulse Connect Secure vulnerability CVE-2021-22893 and other old vulnerabilities are being actively exploited. While GRIMM engineers were not able to obtain a device or the firmware for a full analysis, the device in question looks like a Linux-based rack-mounted server that sits inside the firewall and mediates all kinds of access for clients accessing it via a […]
Pulse Secure April Attack Read More »
GRIMM is pleased to announce the launch of their new Private Vulnerability Disclosure (PVD) program. This offering allows defenders to get ahead of the attack curve, instead of reacting to unknown threats, by providing previously unknown vulnerabilities. Subscribers will have access to a stream of high-impact vulnerabilities from GRIMM’s internal research team. Release timing will
GET AHEAD OF THE UNKNOWN Read More »
Last week the Director of National Intelligence released a Worldwide Threat Assessment. It’s fairly short and to the point (only 42 pages), but I wanted to summarize for those who don’t have time to read it and help apply it to enterprise defense. The main two things to take away from this report are: Threats:
DNI Threat Assessment – Practical Guidance for your Company Read More »
Today, SCYTHE unveiled unique enhancements to the SCYTHE attack simulation platform. This release allows measuring effectiveness of an enterprise’s security controls with granularity and prioritizing areas for real action across the entire enterprise against your people, technology or processes easier than ever before. Highlights: Campaign Automation Be creative and make your job easier than ever!
Breach Reality Check: Get More Realistic with the Latest in Attack Simulation Read More »