Home | Resources

Threat & Vulnerability Management

Learn more about our advisory services.

Security Gaps Found in DeKalb County's Data Center

Video

Data Security Breach

ATL Channel 2 News Interviews VerSprite CEO on Security Gaps Found in DeKalb Data Center

Tony UcedaVélez, VerSprite CEO, is interviewed about recent report finding security gaps in DeKalb County’s data center: “Environments where you have too many people having access to sensitive areas is naturally a problem…”

Learn more

cloud azure security

Blog Post

Security Vulnerabilities

Why an Increasing Number of Clients Are Migrating to Microsoft Azure

Given the noticeable upward trend in Azure adoption, let’s explore more about Azure security, compliance, and its other rich capabilities. In this post we’ll just touch on big picture and what is important to securing your Azure environment.

Learn more

Leveraging PASTA for Strategic Security Operations Management - Exploit Testing

Webinar

Enterprise Data Security

Leveraging PASTA Threat Modeling for Strategic Security Operations Management & Exploit Testing

Modeling for threats forces an adversarial lens for security operations team members. Via evidence backed attack simulations, security operations centers (SOC) can define a blueprint for defense that factors in motives, related attack patterns, and realistic targets.

Learn more

Microsoft BlueKeep Vulnerability

Blog Post

Microsoft Windows Security Vulnerabilities

Microsoft Windows Remote Code Execution (RCE) Vulnerability: BlueKeep

On June 17, 2019 the Department of Homeland Security (DHS) issued an alert for the Microsoft Windows Remote Code Execution (RCE) vulnerability named BlueKeep and CVE-2019-0708.

Learn more

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Blog Post

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Microsoft published an advisory on a critical vulnerability found in the Microsoft Outlook Android application. The attack happens when an email is sent to the victim with an embedded hidden code.

Learn more

Mozilla Firefox Patches Multiple Zero Days

Blog Post

Exploitation of Vulnerabilities

Mozilla Firefox Patches Multiple Zero Days

Mozilla Firefox has patched multiple zero days that could lead to arbitrary code being executed remotely. The first vulnerability that was patched was a Universal Cross-site Scripting (UXSS) attack and worked on any Windows, MacOS and Linux device.

Learn more

password

Blog Post

Web Application Security

NTML Passwords Insecure

Hashcat is the world’s fastest and most advanced password recovery utility. This software on its 6.0.0 beta version can now crack an eight-character Windows NTLM password hash under 2 hours 30 minutes.

Learn more

wordpress

Blog Post

Web Application Security

Critical Vulnerability in WordPress Core

Security researchers at RIPS Technologies GmbH have published research about a critical remote command execution (RCE) in WordPress 5.0. This issue affects all the previous released versions in the past 6 years.

Learn more

Over the last couple of days, an innovative campaign to spread phishing was detected. This attack used the Google translate service to make malicious links appear legitimate when visited only on mobile browsers.

Blog Post

Social Engineering

Phishing Site Uses Google Translate

An innovative campaign to spread phishing was recently detected. This attack used the Google translate service to make malicious links appear legitimate when visited only on mobile browsers.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos