As global attention converges on high-profile events like the Paris 2024 Olympics, the importance of robust cybersecurity measures cannot be overstated. Rootshell Security’s Penetratio… Read More

As part of our July Platform Release, over the next few weeks we will be going into more detail into each of the key improvements. Unlock Enhanced Performance with Our New Platform Archiving… Read More

We are excited to announce several new features designed to enhance your experience and improve the efficiency of our platform. These updates are crafted to help you manage data better, inte… Read More

Application Features New Features Data Archiving for Enhanced Performance Summary: In response to the growing datasets of our long-term clients and the observed impact on system performance… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

We continually strive to enhance the functionality and security of our vulnerability management platform. We are pleased to introduce a significant advancement in access control: Asset Level… Read More

At Rootshell, we are committed to enhancing the capabilities and success of our channel partners. We are thrilled to announce the launch of Public API v1, a ground-breaking feature designed… Read More

At Rootshell, innovation drives our mission to provide the most effective and user-friendly cybersecurity solutions. Today, we are excited to announce the launch of Public API v1, a major ad… Read More

It’s easy to think that cybersecurity is limited to the digital space. It’s right there in the name, if you think about it. However, the infrastructure for this cyberspace has to… Read More

Cyber threats are growing in number and sophistication, with cybercrime damage expected to reach $10.5 Trillion by 2025. As such, there is a pressing need for proactive measures to anticipat… Read More

We live in a world where clever chatbots are being used to develop automated malware and malware that mutates to evade detection. With new threats emerging daily, it’s important to kee… Read More

Author: Shaun Peapell, VP of Global Threat Services, Rootshell Security Rootshell have developed a reporting capability aligned to ‘The MITRE ATT&CK framework’, delivered wit… Read More

In this digital age, both individuals and organizations face significant threats from cyber attacks. Cybercriminals are continually evolving their attacking strategies to disrupt systems, st… Read More

Outcome-driven metrics are more than just a trendy term in the business world. They are a crucial tool for effective performance management, providing visibility and transparency into the tr… Read More

As we venture deeper into 2024, the landscape of generative AI is marked by rapid evolution and significant technological milestones. Several pivotal advancements characterise this evolution… Read More

At Rootshell Security, we are committed to empowering our channel partners with the most advanced tools and capabilities in cybersecurity. We are delighted to announce a significant enhancem… Read More

While cybersecurity threats are becoming increasingly sophisticated, social engineering continues to be one of the most prevalent and deceptive methods used by cybercriminals. You need to un… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

There are 29.32 billion connected devices in the world today and the number is supposed to go up to 45.72 billion in 2028. With so many connected devices, there’s the growing threat of… Read More

At Rootshell Security, we are continuously seeking ways to advance our cybersecurity tools and methodologies. We are excited to unveil a significant enhancement to our platform: the integrat… Read More

“You will never find a more wretched hive of scum and villainy.” Obi-Wan warns Luke to keep his wits about him as they arrive in Mos Eisley Spaceport, in Star Wars. The same must… Read More

As part of our ongoing commitment to enhancing platform functionality and ensuring superior security management, we are excited to announce a major update. This release includes three transf… Read More

Application Features New Features Public API v1 for Enhanced Enterprise Integration Summary: We are excited to announce the launch of our platform’s Public API v1, a powerful new fe… Read More

Author: Thomas Gomer, Security Consultant at Rootshell. Device implants are tools used within penetration testing that can be used to stealthily record, input and exfiltrate information. The… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

Author: Paul Cronin, Co-Founder and Partner Voice recognition technology in assistants has transformed how we interact with our devices, making daily tasks quicker and more convenient. The m… Read More

We are thrilled to unveil our latest operational and channel partner features, designed to amplify our partners’ brand presence, streamline operational workflows, and elevate client su… Read More

Author: Andrew Stanistreet, Security Consultant Managed Services Welcome to the second post in my phishing series, in the first I briefly touched on some different types of phishing such as… Read More

The recent updates to the Rootshell Platform have set new standards in operational efficiency and security management. Among these updates, we’re unveiling a transformative upgrade to… Read More

CMMC 2.0 requirements aim to strengthen cybersecurity for companies protecting national security information within the defence industrial base. Understanding the framework’s requireme… Read More

The Cybersecurity Maturity Model Certification (CMMC) model was a compliance framework designed for organizations dealing with Federal Contract Information (FCI) or Controlled Unclassified I… Read More

Cybersecurity has to adapt to evolving threats. You need fresh approaches, certifications, and frameworks to constantly keep up with emerging technologies and attack vectors. One such framew… Read More

In a world where cybersecurity threats are ever-evolving, staying ahead with innovative solutions is not just an option but a necessity. The recent updates to the Rootshell Platform have set… Read More

As a business, you have always had to worry about cyber threats. However, attacks in the past were more like a wide net cast. The problem now is that threat actors use AI to create more pers… Read More

As a business, you have always had to worry about cyber threats. However, attacks in the past were more like a wide net cast. The problem now is that threat actors use AI to create more pers… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

Application Features New Features Black Kite Intelligence Integration – We are excited to announce the integration of Black Kite Intelligence into our platform. This powerful feature… Read More

Discover the essentials of automated penetration testing and its role in enhancing cybersecurity strategies with Rootshell Security. In 2023, DarkBeam, a digital protection firm, had a data… Read More

What Is Red Team in Cyber Security? If you’re looking into ways of protecting your business from cyber attacks, you may have come across the term ‘red team’. But, what is a… Read More

What Is Red Team in Cyber Security? If you’re looking into ways of protecting your business from cyber attacks, you may have come across the term ‘red team’. But, what is a… Read More

Penetration testing, also known as pen testing, is a proactive security measure. It’s designed to help your organisation identify potential vulnerabilities in your defences.  Amaz… Read More

Organisations are constantly grappling with the challenge of detecting and preventing cybersecurity threats in today’s digital age. Of the many tools that people use, threat intelligen… Read More

Author: Paul Cronin, Co-Founder of Rootshell Back in 2014 when dinosaurs ruled the earth, I was fortunate enough to be involved with CREST in helping shape the UK government’s Cyber Es… Read More

Author: Andrew Stanistreet, Security Consultant Managed Services Flavors of Phishing In this first post of this blog series, I want to first set the scene when it comes to phishing including… Read More

Learn How To Reduce Your Cyber Security Insurance Premiums and minimize risk with these strategies. Reduce Your Cyber Security Insurance Premiums by Reducing Risk No matter what the size of… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

New Features New Level 2 Integration | SentinelOne – Rootshell now supports the uploading and parsing of a csv export from the Singularity Cloud platform by SentinelOne. New Level 2 In… Read More

The Rootshell Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detect… Read More

Author: Paul Cronin, Co-Founder of Rootshell As a penetration tester, I often found it frustrating that the reports I submitted became outdated as vulnerabilities I reported on weren’t… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

Author: Shaun Peapell, VP of Global Threat Services As part of Rootshell’s comprehensive security testing strategies, Wi-Fi network security testing plays a fundamental role in the ove… Read More

Improved Nessus CVSS Scoring In our ongoing efforts to provide seamless integration and data accuracy, we’ve introduced an important enhancement for Nessus imports in the platform. Key… Read More

Vulnerability Correlation Database—A Revolution in Remediation Management We’re taking cybersecurity to the next level with the introduction of a comprehensive Vulnerability Corr… Read More

We are excited to announce the latest update to the platform, packed with new features, significant improvements, and groundbreaking operational additions designed to elevate your cybersecur… Read More

Application Features New Features SLAs – Customisable Content – We understand that every organisation has unique needs and communication styles, especially when it comes to servi… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

The Difference Between Attack Surface Management (ASM) and Vulnerability Management (VM)Cybersecurity is a dynamic field that constantly evolves with the emergence of new threats and vulnera… Read More

Application Features Platform Improvements Email Notification for 2FA Reset – Users will now receive email notifications when their 2FA is reset in the platform. This new feature prom… Read More

Author: Paul Cronin, Co-Founder of Rootshell Phishing scammers, we generally assume, will typically use email as their delivery mechanism to their target audience.  The scattergun appro… Read More

In 2023, staying ahead of evolving threats is paramount. At Rootshell Security, we understand the critical need to not only grasp the current industry landscape but also to anticipate emergi… Read More

In today’s dynamic business landscape, safeguarding critical assets is paramount. Every organization operates within a digital realm, and within this realm lies a trove of valuable dat… Read More

In 2023 the digital landscape, where cyber threats loom large and security breaches are a constant concern, an effective vulnerability management program is crucial for safeguarding your org… Read More

Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More

Author: Shaun Peapell, VP Global Threat Services I have been in some kind of security role for over 30 years and during that time the way we compromise a target or victim has remained fairly… Read More

Author: Shaun Peapell, VP Global Threat Services The cyber security world is an ever-evolving landscape, staying one step ahead of potential threats has become increasingly challenging. Red… Read More

Hello, I’m Velma, The Prism Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that require immed… Read More

What is Automated Vulnerability Management?At its core, vulnerability management is the ongoing practice of identifying, classifying, and mitigating vulnerabilities within an organization&rs… Read More

Author: Liam Hackett, Head of Development and creator of Velma, Rootshell’s own AI. It’s been a year since I last wrote about AI. Since then, we’ve seen an explosion in AI… Read More

Contextual Understanding for Informed Decisions: Traditional CVSS scores provide a narrow view of threats. Prism tried to solve this problem by introducing the Daily Exploit Detection Servic… Read More

Author: Shaun Peapell, VP of Global Threat Services As a mature Red Team and Simulated Attack house, we often look to leverage numerous ways to trick target users to carry out actions useful… Read More

FSQS Registration Renewal We are proud to announce that we have just successfully renewed our registration within the Financial Supplier Qualification System (FSQS), a standard used by major… Read More

Author: Shaun Peapell (VP of Global Threat Services) Throughout my career, I’ve dabbled with wireless burglar alarm systems, which led me down a path of intriguing discoveries, diverse… Read More

Microsoft Exchange Servers Compromised by Turla APT Background: Active for over ten years, Turla (Secret Blizzard) is a cyberespionage threat group attributed to Russia’s Federal Secur… Read More

Analysis of Storm-0558 Techniques for Unauthorized Email Access Background: Storm-0558 is a China-based threat actor with activities and methods consistent with cyberespionage objectives. Th… Read More

Author: Shaun Peapell (VP of Global Threat Services) During this year’s InfoSecurity Show, our team at Rootshell devised an engaging challenge for show-goers. The task? Picking a lock… Read More

We’re delighted to bring you exciting news about the forthcoming release of Prism, scheduled for the end of July. Our devoted team has been busily working away behind the scenes to inc… Read More

Rootshell RedForce testing team has been credited with the discovery of an exploitable hash stealing vulnerability in Microsoft OneNote. This has been responsibly reported to Microsoft for f… Read More

Allow me to introduce myself. I am Velma, The Prism Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits… Read More

Author: Paul Cronin (Partner and Co-Founder) Anyone who knows me knows that when I’m not involved in IT security, I’m usually messing around with my love of the water: surfing, p… Read More

Welcome to our summary of the June 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use… Read More

Application Features New Features Automatic Dynamic Remediation – Prism now supports a fully automated end-to-end vulnerability management solution with the ability for users to set Pr… Read More

Prism Platform’s June release completes our journey to full automation of vulnerability management; adding the ability to automatically remediate vulnerabilities based on previous test… Read More

Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More

CloudWizard APT: the Bad Magic Story Goes on Background: A newly-discovered modular malware framework dubbed CloudWizard has been active since 2016. Kaspersky researchers were able to connec… Read More

Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors Background: Symantec researchers detected a new cyberespionage campaign by the Lancefly China-spons… Read More

Deconstructing Amadey’s Latest Multi-Stage Attack and Malware Distribution Background: McAfee researchers have detected a multi-stage attack that starts with a trojanized wextract.exe… Read More

Welcome to our summary of the May 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use i… Read More

The Automation Centre, part of Prism Platform’s latest update, makes it possible to add business context to your vulnerability data, making it even easier to prioritize and remediate w… Read More

Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More

Prism Platform’s Automation Center enables teams to create a range of automation rules that will drive down the time it takes to remediate issues and help manage, prioritize, and deleg… Read More

Prism Platform’s Automation Centre enables teams to create a range of automation rules that will drive down the time it takes to remediate issues and help manage, prioritize, and deleg… Read More

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters Background: A new Monero cryptocurrency-mining campaign is the first recorded case of gaining persistence via Kubernetes (K8… Read More

QBot Banker Delivered through Business Correspondence Background: In early April 2023, an increased volume of malspam utilizing business-email thread hijacking was detected delivering the QB… Read More

In this milestone update to Prism Platform, we introduce an advanced automation system designed to streamline and scale the vulnerability remediation process: the Automation Center. Addition… Read More

Welcome to our summary of the April 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use… Read More

Once upon a time, vendors would be grateful for bug hunters reporting flaws in their software so they could fix them. With their more detailed understanding of the software in question (i.e… Read More

Application Features New Features Automation Centre – Prism now supports the creation of automated processes to greatly assist users with their issue remediation, Users are able to pic… Read More

Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More

MQsTTang: Mustang Panda’s Latest Backdoor Treads New Ground with Qt and MQTT Background: In early 2023, China-sponsored group Mustang Panda began experimenting with a new custom backdo… Read More

Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More