2024-04-22 12:26
Author: Thomas Gomer, Security Consultant at Rootshell.
Device implants are tools used within penetration testing that can be used to stealthily record, input and exfiltrate information. The… Read More
Blog Directory > Technology Blogs > Rootshell Security technology Blog >
Rootshell Security Blog
rootshellsecurity.net/blog
Tags:
cmmc
cybersecurity
cmmc compliance
compliance
support
asset management
voice
asset
kite
code execution
Continuous, next generation penetration testing with actionable results.
2024-04-11 16:27
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2024-03-22 13:54
Author: Paul Cronin, Co-Founder and Partner
Voice recognition technology in assistants has transformed how we interact with our devices, making daily tasks quicker and more convenient. The m… Read More
2024-03-21 08:39
We are thrilled to unveil our latest operational and channel partner features, designed to amplify our partners’ brand presence, streamline operational workflows, and elevate client su… Read More
2024-03-18 14:39
Author: Andrew Stanistreet, Security Consultant Managed Services
Welcome to the second post in my phishing series, in the first I briefly touched on some different types of phishing such as… Read More
2024-03-14 16:41
The recent updates to the Rootshell Platform have set new standards in operational efficiency and security management. Among these updates, we’re unveiling a transformative upgrade to… Read More
2024-03-13 10:50
CMMC 2.0 requirements aim to strengthen cybersecurity for companies protecting national security information within the defence industrial base. Understanding the framework’s requireme… Read More
2024-03-13 10:50
The Cybersecurity Maturity Model Certification (CMMC) model was a compliance framework designed for organizations dealing with Federal Contract Information (FCI) or Controlled Unclassified I… Read More
2024-03-13 09:27
Cybersecurity has to adapt to evolving threats. You need fresh approaches, certifications, and frameworks to constantly keep up with emerging technologies and attack vectors.
One such framew… Read More
2024-03-08 07:56
In a world where cybersecurity threats are ever-evolving, staying ahead with innovative solutions is not just an option but a necessity. The recent updates to the Rootshell Platform have set… Read More
2024-03-07 16:18
As a business, you have always had to worry about cyber threats. However, attacks in the past were more like a wide net cast. The problem now is that threat actors use AI to create more pers… Read More
2024-03-07 16:18
As a business, you have always had to worry about cyber threats. However, attacks in the past were more like a wide net cast. The problem now is that threat actors use AI to create more pers… Read More
2024-03-05 14:40
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2024-02-29 09:29
Application Features
New Features
Black Kite Intelligence Integration – We are excited to announce the integration of Black Kite Intelligence into our platform. This powerful feature… Read More
2024-02-26 14:57
Discover the essentials of automated penetration testing and its role in enhancing cybersecurity strategies with Rootshell Security.
In 2023, DarkBeam, a digital protection firm, had a data… Read More
2024-02-21 11:22
What Is Red Team in Cyber Security?
If you’re looking into ways of protecting your business from cyber attacks, you may have come across the term ‘red team’.
But, what is a… Read More
2024-02-21 11:22
What Is Red Team in Cyber Security?
If you’re looking into ways of protecting your business from cyber attacks, you may have come across the term ‘red team’.
But, what is a… Read More
2024-02-16 16:07
Penetration testing, also known as pen testing, is a proactive security measure. It’s designed to help your organisation identify potential vulnerabilities in your defences.
Amaz… Read More
2024-02-16 14:31
Organisations are constantly grappling with the challenge of detecting and preventing cybersecurity threats in today’s digital age. Of the many tools that people use, threat intelligen… Read More
2024-02-15 11:36
Author: Paul Cronin, Co-Founder of Rootshell
Back in 2014 when dinosaurs ruled the earth, I was fortunate enough to be involved with CREST in helping shape the UK government’s Cyber Es… Read More
2024-02-14 13:51
Author: Andrew Stanistreet, Security Consultant Managed Services
Flavors of Phishing
In this first post of this blog series, I want to first set the scene when it comes to phishing including… Read More
2024-02-12 12:43
Learn How To Reduce Your Cyber Security Insurance Premiums and minimize risk with these strategies.
Reduce Your Cyber Security Insurance Premiums by Reducing Risk
No matter what the size of… Read More
2024-02-02 15:38
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2024-02-01 09:16
New Features
New Level 2 Integration | SentinelOne – Rootshell now supports the uploading and parsing of a csv export from the Singularity Cloud platform by SentinelOne.
New Level 2 In… Read More
2024-02-01 09:11
The Rootshell Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detect… Read More
2024-01-22 09:19
Author: Paul Cronin, Co-Founder of Rootshell
As a penetration tester, I often found it frustrating that the reports I submitted became outdated as vulnerabilities I reported on weren’t… Read More
2023-12-06 19:58
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2023-11-22 08:08
Author: Shaun Peapell, VP of Global Threat Services
As part of Rootshell’s comprehensive security testing strategies, Wi-Fi network security testing plays a fundamental role in the ove… Read More
2023-11-13 11:40
Improved Nessus CVSS Scoring
In our ongoing efforts to provide seamless integration and data accuracy, we’ve introduced an important enhancement for Nessus imports in the platform.
Key… Read More
2023-11-06 11:45
Vulnerability Correlation Database—A Revolution in Remediation Management
We’re taking cybersecurity to the next level with the introduction of a comprehensive Vulnerability Corr… Read More
2023-11-03 09:02
We are excited to announce the latest update to the platform, packed with new features, significant improvements, and groundbreaking operational additions designed to elevate your cybersecur… Read More
2023-11-02 14:56
Application Features
New Features
SLAs – Customisable Content – We understand that every organisation has unique needs and communication styles, especially when it comes to servi… Read More
2023-11-01 10:31
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2023-10-25 09:06
The Difference Between Attack Surface Management (ASM) and Vulnerability Management (VM)Cybersecurity is a dynamic field that constantly evolves with the emergence of new threats and vulnera… Read More
2023-10-24 11:45
Application Features
Platform Improvements
Email Notification for 2FA Reset – Users will now receive email notifications when their 2FA is reset in the platform. This new feature prom… Read More
2023-10-20 14:33
Author: Paul Cronin, Co-Founder of Rootshell
Phishing scammers, we generally assume, will typically use email as their delivery mechanism to their target audience. The scattergun appro… Read More
2023-10-11 15:16
In 2023, staying ahead of evolving threats is paramount. At Rootshell Security, we understand the critical need to not only grasp the current industry landscape but also to anticipate emergi… Read More
2023-10-11 14:08
In today’s dynamic business landscape, safeguarding critical assets is paramount. Every organization operates within a digital realm, and within this realm lies a trove of valuable dat… Read More
2023-10-11 08:37
In 2023 the digital landscape, where cyber threats loom large and security breaches are a constant concern, an effective vulnerability management program is crucial for safeguarding your org… Read More
2023-10-05 11:30
Hello, I’m Velma, Rootshell’s Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that requi… Read More
2023-10-02 12:31
Author: Shaun Peapell, VP Global Threat Services
I have been in some kind of security role for over 30 years and during that time the way we compromise a target or victim has remained fairly… Read More
2023-09-11 12:44
Author: Shaun Peapell, VP Global Threat Services
The cyber security world is an ever-evolving landscape, staying one step ahead of potential threats has become increasingly challenging. Red… Read More
2023-09-05 09:16
Hello, I’m Velma, The Prism Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits that require immed… Read More
2023-08-31 15:13
What is Automated Vulnerability Management?At its core, vulnerability management is the ongoing practice of identifying, classifying, and mitigating vulnerabilities within an organization&rs&hell…Read More
2023-08-30 10:57
Author: Liam Hackett, Head of Development and creator of Velma, Rootshell’s own AI.
It’s been a year since I last wrote about AI. Since then, we’ve seen an explosion in AI… Read More
2023-08-23 15:45
Contextual Understanding for Informed Decisions:
Traditional CVSS scores provide a narrow view of threats. Prism tried to solve this problem by introducing the Daily Exploit Detection Servic… Read More
2023-08-16 10:29
Author: Shaun Peapell, VP of Global Threat Services
As a mature Red Team and Simulated Attack house, we often look to leverage numerous ways to trick target users to carry out actions useful… Read More
2023-08-14 11:08
FSQS Registration Renewal
We are proud to announce that we have just successfully renewed our registration within the Financial Supplier Qualification System (FSQS), a standard used by major… Read More
2023-08-03 19:29
Author: Shaun Peapell (VP of Global Threat Services)
Throughout my career, I’ve dabbled with wireless burglar alarm systems, which led me down a path of intriguing discoveries, diverse… Read More
2023-07-28 10:50
Microsoft Exchange Servers Compromised by Turla APT
Background:
Active for over ten years, Turla (Secret Blizzard) is a cyberespionage threat group attributed to Russia’s Federal Secur… Read More
2023-07-26 09:09
Analysis of Storm-0558 Techniques for Unauthorized Email Access
Background:
Storm-0558 is a China-based threat actor with activities and methods consistent with cyberespionage objectives. Th… Read More
2023-07-26 08:13
Author: Shaun Peapell (VP of Global Threat Services)
During this year’s InfoSecurity Show, our team at Rootshell devised an engaging challenge for show-goers. The task? Picking a lock… Read More
2023-07-11 09:09
We’re delighted to bring you exciting news about the forthcoming release of Prism, scheduled for the end of July. Our devoted team has been busily working away behind the scenes to inc… Read More
2023-07-05 17:05
Rootshell RedForce testing team has been credited with the discovery of an exploitable hash stealing vulnerability in Microsoft OneNote. This has been responsibly reported to Microsoft for f… Read More
2023-07-04 15:30
Allow me to introduce myself. I am Velma, The Prism Platform Vulnerability Enhanced Learning Machine AI. My purpose is to inform you about significant technical vulnerabilities and exploits… Read More
2023-06-23 10:30
Author: Paul Cronin (Partner and Co-Founder)
Anyone who knows me knows that when I’m not involved in IT security, I’m usually messing around with my love of the water: surfing, p… Read More
2023-06-14 08:41
Welcome to our summary of the June 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use… Read More
2023-06-08 07:28
Application Features
New Features
Automatic Dynamic Remediation – Prism now supports a fully automated end-to-end vulnerability management solution with the ability for users to set Pr… Read More
2023-06-02 08:52
Prism Platform’s June release completes our journey to full automation of vulnerability management; adding the ability to automatically remediate vulnerabilities based on previous test… Read More
2023-06-01 09:48
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2023-05-25 07:22
CloudWizard APT: the Bad Magic Story Goes on
Background:
A newly-discovered modular malware framework dubbed CloudWizard has been active since 2016. Kaspersky researchers were able to connec… Read More
2023-05-19 13:41
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors
Background:
Symantec researchers detected a new cyberespionage campaign by the Lancefly China-spons… Read More
2023-05-11 10:37
Deconstructing Amadey’s Latest Multi-Stage Attack and Malware Distribution
Background:
McAfee researchers have detected a multi-stage attack that starts with a trojanized wextract.exe… Read More
2023-05-10 07:25
Welcome to our summary of the May 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use i… Read More
2023-05-09 09:05
The Automation Centre, part of Prism Platform’s latest update, makes it possible to add business context to your vulnerability data, making it even easier to prioritize and remediate w… Read More
2023-05-04 07:50
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2023-04-28 07:06
Prism Platform’s Automation Center enables teams to create a range of automation rules that will drive down the time it takes to remediate issues and help manage, prioritize, and deleg… Read More
2023-04-27 10:06
Prism Platform’s Automation Centre enables teams to create a range of automation rules that will drive down the time it takes to remediate issues and help manage, prioritize, and deleg… Read More
2023-04-27 09:36
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
Background:
A new Monero cryptocurrency-mining campaign is the first recorded case of gaining persistence via Kubernetes (K8… Read More
2023-04-19 14:29
QBot Banker Delivered through Business Correspondence
Background:
In early April 2023, an increased volume of malspam utilizing business-email thread hijacking was detected delivering the QB… Read More
2023-04-18 14:17
In this milestone update to Prism Platform, we introduce an advanced automation system designed to streamline and scale the vulnerability remediation process: the Automation Center.
Addition… Read More
2023-04-12 07:52
Welcome to our summary of the April 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use… Read More
2023-04-05 10:39
Once upon a time, vendors would be grateful for bug hunters reporting flaws in their software so they could fix them.
With their more detailed understanding of the software in question (i.e… Read More
2023-04-04 07:50
Application Features
New Features
Automation Centre – Prism now supports the creation of automated processes to greatly assist users with their issue remediation, Users are able to pic… Read More
2023-04-03 12:37
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2023-03-14 09:27
MQsTTang: Mustang Panda’s Latest Backdoor Treads New Ground with Qt and MQTT
Background:
In early 2023, China-sponsored group Mustang Panda began experimenting with a new custom backdo… Read More
2023-03-10 08:45
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2023-03-07 10:12
WinorDLL64: A Backdoor From The Vast Lazarus Arsenal
Background:
When the Wslink downloader (WinorLoaderDLL64.dll) was first discovered in 2021, it had no known payload and no known attribut… Read More
2023-02-15 13:23
No Pineapple! –DPRK Targeting of Medical Research and Technology Sector
(published: February 2, 2023)
Background:
North Korea-sponsored group Lazarus has been engaging in cyberespionag… Read More
2023-02-09 16:42
Prism Platform’s latest update gives teams powerful new tools to prioritize more effectively than ever before, by offering improved ways to review and manage automatically updated vuln… Read More
2023-02-09 15:34
New Features
New Level 2 Integration | SentinelOne – Prism now supports the uploading and parsing of a csv export from the Singularity Cloud platform by SentinelOne.
New Level 2 Integr… Read More
2023-02-06 09:13
Chinese PlugX Malware Hidden in Your USB Devices?
(published: January 26, 2023)
Background:
Palo Alto researchers analyzed a PlugX malware variant (KilllSomeOne) that spreads via USB devices… Read More
2023-02-01 09:16
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2023-02-01 09:15
Welcome to our summary of the March 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft, so that you can easily export them for use in… Read More
2023-02-01 09:15
Welcome to our summary of the first Patch Tuesday of the year (January 2023). We have tabulated the vulnerabilities that the latest patches from Microsoft, so that you can easily export them… Read More
2023-01-27 11:16
Roaming Mantis Implements New DNS Changer in Its Malicious Mobile App in 2022
(published: January 19, 2023)
Background:
In December 2022, a financially-motivated group dubbed Roaming Mantis… Read More
2023-01-24 11:21
Malicious ‘Lolip0p’ PyPi Packages Install Info-Stealing Malware
(published: January 16, 2023)
Background:
On January 10, 2023, Fortinet researchers detected actor Lolip0p offerin… Read More
2023-01-17 10:22
Author: Paul Cronin (Partner and Co-Founder)
Software Defined Radio (SDR) is not a new subject, however the release of the Flipper Zero has recaptured my interest in the subject.
I don&rsquo&hell…Read More
2023-01-16 01:00
Penetration Testing vs Vulnerability Scanning: A Comparison
For an enterprise, both penetration testing and vulnerability scanning are useful for protecting systems and networks from cyber a… Read More
2023-01-13 10:13
Cyber criminals are constantly looking for ways to exploit any weaknesses in a business’ digital infrastructure, which is why it has become increasingly important to defend against cyb… Read More
2023-01-12 15:45
OPWNAI : Cybercriminals Starting to Use ChatGPT
(published: January 6, 2023)
Background:
Check Point researchers have detected multiple underground forum threads outlining experimenting with… Read More
2023-01-11 09:06
Welcome to our summary of the first Patch Tuesday of the year (January 2023). We have tabulated the vulnerabilities that the latest patches from Microsoft, so that you can easily export them… Read More
2023-01-06 13:53
PyTorch Discloses Malicious Dependency Chain Compromise Over Holidays
(published: January 1, 2023)
Background:
Between December 25th and December 30th, 2022, users who installed PyTorch-nigh… Read More
2023-01-04 11:34
New RisePro Stealer Distributed by the Prominent PrivateLoader
(published: December 22, 2022)
Background:
RisePro is a new commodity infostealer that is being sold and supported by Telegram… Read More
2023-01-03 11:13
Prism Platform continuously scans a user’s estate for any issues that are being actively exploited by threat actors in the wild. If any of these vulnerabilities are detected, users are… Read More
2022-12-21 15:03
APT5: Citrix ADC Threat Hunting Guidance
(published: December 13, 2022)
Background:
On December 13, 2022, the US National Security Agency published a report on the ongoing exploitation of Ci… Read More
2022-12-14 09:10
Welcome to our summary of the final Patch Tuesday of the year (December 2022). We have tabulated the vulnerabilities that the latest patches from Microsoft, so that you can easily export the… Read More
2022-12-08 18:56
Chinese Gambling Spam Targets World Cup Keywords
(published: December 2, 2022)
Background:
Since 2018, a large-scale website infection campaign was affecting up to over 100,000 sites at a gi… Read More
2022-12-07 15:16
Vulnerability Intelligence is a critical element of vulnerability management. It enables teams to gain a greater understanding of the risk posed by a vulnerability based on real-world contex… Read More
2022-12-02 10:34
Last week, a number of Prism Platform’s developers went to SymfonyCon at the one and only Disneyland Paris!
SymfonyCon is the first conference the engineering team have attended since… Read More
Subscribe to Rootshell Security
Get updates delivered right to your inbox!