Home | Resources

Threat Intelligence

VerSprite Evolved Cybersecurity Consulting

Pasta Threat Modeling

PASTA Threat Modeling: 7 Stages for Simulating Cyber Attacks

VerSprite emulates realistic cyber attacks by a malicious actor using PASTA Threat Modeling (Process for Attack Simulation and Threat Analysis). Our risk-based threat modeling methodology consists of 7 stages for simulating cyber attacks and analyzing threats to the organization and application. This allows our pentesters, redteamers, and cybersecurity analysts to help your organization identify critical vulnerabilities and minimize real-world risks associated business impact.

Learn More →

Red Hat Linux iSCI subsystem CVEs | VerSprite

Blog Post

Red Hat Linux iSCI Subsystem Zero Day

Red Hat Linux iSCSI Subsystem Vulnerability Report

In this Zero Day Report, VerSprite was asked to provide proof of concept for a Red Hat Enterprise Linux zero day found by GRIMM. Get the full PoC, CVEs, remediation, and business impact report.

Learn more

Blog Post

Companies Using VMware ESXi Are Being Targeted by Ransomware

Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite’s Threat Intelligence Group.

Learn more

2021 Cybersecurity Threats to Businesses | VerSprite Cybersecurity Consulting Firm

Webinar

riesgos de ciberseguridad para las empresas

Informe sobre amenazas a la seguridad empresarial 2021

En este video, el autor de Envisions, Balam Mendoza, y el CEO de VerSprite, Tony UcedaVélez, discuten los principales temas de nuestro Informe de amenazas 2021 y cómo los equipos de seguridad pueden usar los informes de amenazas al planificar sus protocolos de seguridad para el año.

Learn more

2021 Cybersecurity Threats to Businesses | VerSprite Cybersecurity Consulting Firm

Webinar

cybersecurity risks to businesses

2021 Business Security Threats Briefing

In this video, Envisions author, Balam Mendoza, and VerSprite CEO, Tony UcedaVélez, discuss the major topics within our 2021 Threat Report and how security teams can use threat reports when planning their security protocols for the year.

Learn more

Cybersecurity Threats 2021 Report | VerSprite Security Consultants

Ebook

Top 6 Cybersecurity Threats in 2021

Envisions Critical Threat Report 2021 identifies the top 6 global cybersecurity threats, challenges, and opportunities businesses will face. This report can be used as a powerful resource for organizations looking to evolve and refine their geo-cyber strategy.

Learn more

Vietnam Government Hit by Software Supply Chain Attack Open Signsight 2020

Blog Post

operation signsight

Operation SignSight: Software Supply Chain Attack Hits Vietnamese Government

Vietnam’s government is the latest victim in a string of complex supply chain attacks. This attack targeted the VGCA using a backdoor trojan called PhantomNet. VerSprite’s Threat Intelligence team give a brief overview of the important details you need to know.

Learn more

Webinar

zero trust policy

VerSprite Cybersecurity Discusses Sunburst and Vendor Supply Chain Attacks

Sit back and listen to part 2 of our discussion on FireEye’s breach, SolarWinds Sunburst supply chain attack. We’ll cover updates, how to protect against supply chain attacks with organizational threat models, and debate on the risks and benefits of an open disclosure community.

Learn more

Webinar

supply chain attack

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Learn more

Blog Post

Jetstream Router Backdoor

Ematic, Wavlink, Winstars, and Jetstream Wi-Fi Routers Have Hidden Backdoor

A web-accessible backdoor was found in affordable Wi-Fi routers sold at Walmart, eBay, and Amazon. In this article, VerSprite experts explore the backdoor vulnerability investigation and provide mitigation solutions.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos