Vulnerability Research

As any seasoned security professional knows, many published security vulnerabilities and attacks are over-hyped. What makes something newsworthy is not always that it poses a significant risk to most organizations. If an attack doesn’t appear to be technically sophisticated, it will often be overlooked.

Most of our development time is focused on the application of risk-based vulnerability management: DeepSurface does the math (there’s a lot of math) and shows you which vulnerabilities carry the greatest risk in your environment, and why.  People frequently respond to a demo of DeepSurface with, “That’s amazing… but what do I do next?”

Organizations today find themselves at a critical turning point in the evolution of their vulnerability management efforts. New vulnerabilities are being published more quickly than teams can credibly analyze and remediate them (currently greater than 75 per day), while at the same time a serious talent shortage has developed. According to CyberSeek, the U.S. cybersecurity workforce has over 950,000 workers, with approximately 465,000 open positions.

With increasing online threats and a massive shift to remote work over the past two years, it’s no surprise that cybersecurity risks are a top concern for businesses in 2022. Cyber incidents top the Allianz Risk Barometer for the “most important global business risk” in 2022, accounting for 44% of the survey’s responses.

It’s January 14, 2020. Patch Tuesday.  Your CIO wants to know: “ How does that RDP vulnerability I saw in the news affect us? ” Well, which RDP vulnerability are you talking about, boss?”  Never mind; it’s still a good question. You dig deeper.

With everyone working from home and IT teams struggling to scale up their infrastructure, how are you accounting for risk?

How to design a Cyber Vulnerability Management program that maximizes the ROI of your team’s work to be compliant and maximize the reduction of business risk at the same time.

We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.7!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.

Now that the dust has settled around CVE-2021-34527, also known as PrintNightmare, we thought we’d use it as an example of how DeepSurface can reprioritize even the highest priority vulnerabilities, saving you and your patch team hours of effort.  For this blog post, you don’t need to know anything about PrintNightmare other than it was nearly ubiquitous, there are dozens of exploits in the wild, and that it’s fairly easy to remediate.

We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.6!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.

Firefox is vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Firefox users using the same Windows system. Through our responsible disclosure program Mozilla was contacted, and full technical details were provided, but has ultimately chosen not to fix this vulnerability.

Older versions of Adobe Acrobat Reader are vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Acrobat Reader users using the same Windows system. Through our responsible disclosure program Adobe was contacted and provided a fix for this issue. Adobe also issued CVE-2021-35982 to track the vulnerability.