Pearce Barry


Former Director of Security Research

40 Published Articles

Latest Stories

Rapid Response
How to find Citrix NetScaler ADCs and Gateways
A new vulnerability was disclosed in NetScaler ADC and Gateway products for version 13.1-50.23.
Rapid Response
How to find VMware ESXi installations
On March 5th, 2024, VMware disclosed several vulnerabilities in its ESXi, Workstation, and Fusion products.
Rapid Response
How to find Samba instances on your network
On October 10th, the Samba team announced an interesting vulnerability that could allow a remote attacker to...
Rapid Response
How to find Confluence Servers
An actively exploited zero-day has surfaced in popular wiki software Confluence. Deemed “critical” in severity with a CVSS score of 10 out of 10,...
Rapid Response
How to find OpenSSL vulnerabilities
The OpenSSL project team recently disclosed two vulnerabilities which affect OpenSSL 3.0.0 through 3.0.6 releases. Find systems running potentially...
Rapid Response
How to find AMI MegaRAC BMCs
This week, Eclypsium Research published findings on critical vulnerabilities discovered in AMI MegaRAC baseboard management controller (BMC) firmware.
Rapid Response
How to find Fortinet SSL-VPN
Fortinet warned customers this week of potential limited exploitation in the wild regarding a flaw affecting the SSL-VPN software component.
Rapid Response
How to find Barracuda Email Security Gateways
Exploitation of Barracuda Email Security Gateway (ESG) appliances has made the news recently, including on-going investigation into the attacks.
Rapid Response
How to find PaperCut services on your network
PaperCut recently revealed that two products in its popular line of print server software contain severe vulnerabilities currently being exploited...
Rapid Response
How to find OpenSSH servers
The OpenSSH team surfaced a security issue earlier this month that specifically affects OpenSSH server version 9.1p1 (a.k.a. version 9.1).
Rapid Response
How to find Lexmark printer assets on your network
Printer manufacturer Lexmark recently published details on a vulnerability that affects over 100 of their printer models. Learn how runZero can...
Rapid Response
How to find Veeam Backup & Replication instances
Veeam recently published information on two vulnerabilities in the Veeam Backup & Replication product, originally reported by Nikita Petrov of...
Rapid Response
How to find Cisco 7800 and 8800 series IP phone assets on your network
Cisco 7800 and 8800 IP phones can be found in many companies and organizations. Successful exploitation of this vulnerability can provide an...
Product Release
How runZero finds unmanaged devices on your network
How do you find unmanaged devices on your network when they aren't accounted for? Learn how you can use runZero to find unmanaged devices on your...
Podcasts
Risky Biz News, Episode 50: Academics find a tiny crack in Apple's Private Relay
A short podcast updating listeners on the security news of the last few days featuring Pearce Barry, principal security researcher at runZero.
Rapid Response
How to find DrayTek Vigor routers
The Trellix Threat Labs Vulnerability Research team recently published vulnerability details affecting almost 30 models of DrayTek Vigor routers.
Rapid Response
How to find Microsoft VPN/PPTP
Last month, researcher Alex Nichols at Nettitude reported a vulnerability in Microsoft’s Windows VPN software that could allow for remote code...
Product Release
A prize-winning community integration between runZero and Microsoft Sentinel
Josh Lucas, a cybersecurity engineer at Loop Secure, recently took first place in Microsoft’s Sentinel Hackathon for his submission, “[runZero]”...
Rapid Response
How to find F5 BIG-IP instances
Technology vendor F5 recently published information on over 40 vulnerabilities, mostly affecting their BIG-IP line of products.
Rapid Response
How to find Netatalk instances
A critical vulnerability in the Netatalk open source file server software was found in some popular network attached storage (NAS) devices.
Rapid Response
How to find applications & services that use Log4J
runZero can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell.
Rapid Response
How to find Kaspersky AV on your Windows endpoints
Late last week, the U.S. Federal Communications Commission announced it had added Russian-based Kaspersky Lab to its Covered List, maintained by...
Rapid Response
How to find APC assets
Researchers at Armis recently published details on three new vulnerabilities affecting cloud-connected APC Smart-UPS devices manufactured by...
Rapid Response
How to find GitLab instances
The development team at GitLab issued a new critical security release that patches seven recently-disclosed vulnerabilities in GitLab software.
Rapid Response
How to find Zabbix instances
Popular monitoring tool Zabbix surfaced in security news this week due to two newly disclosed vulnerabilities.
Rapid Response
How to find Moxa MXview instances
Security researchers with Claroty’s Team82 recently published findings of five discovered vulnerabilities in Moxa’s MXview software.
Rapid Response
How to find SAP NetWeaver instances on your network
A set of recently patched SAP vulnerabilities has been surfaced by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), with their...
Rapid Response
How to find Linux servers on your network
News dropped this week around a memory corruption vulnerability with a broad reach across many Linux distributions, including Ubuntu, Debian, Mint,...
Rapid Response
How to find Control Web Panel (CWP) instances
Security researcher Paulos Yibelo shared findings this week on two new vulnerabilities within the popular Control Web Panel (formerly CentOS Web...
Rapid Response
Ringing in 2022 with vulns, more vulns, and CISA guidance
Wrapping up 2021 and kicking off 2022, there were no shortages of vulnerabilities, vendor security advisories, patches, and active exploitations....
Rapid Response
How to find Grafana instances
A zero-day vulnerability for Grafana, a popular analytics and visualization software, was leaked this week.
Rapid Response
How to find HP printers and multi-function printers (MFPs)
Do you have HP printers and multi-function printers (MFPs)? You might want to look at the two recently published vulnerabilities that affect 150+...
Rapid Response
How to find Nucleus TCP/IP assets with accessible FTP services
Researchers at Forescout recently published findings on a new set of 13 vulnerabilities with the Nucleus RTOS TCP/IP stack, collectively referred...
Rapid Response
How to find PAX point-of-sale devices
PAX Technologies, a China-based company that manufactures a LOT of point-of-sale (POS) terminal devices, has been in the news this week following...
Rapid Response
How to find Apache HTTP Server instances
The Apache Software Foundation recently announced a path traversal vulnerability present in version 2.4.49 of the Apache HTTP Server software.
Rapid Response
How to find Hikvision IP cameras and recorders on your network
Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in...
Rapid Response
How to find assets running OMI services
Details on vulnerabilities present in some Azure Linux VMs, collectively referred to as “OMIGOD”, came to light this week via published research by...
Rapid Response
How to find Fortinet web application firewall devices
Recently published security research from Rapid7 provides details on an OS command injection vulnerability in Fortinet’s web application firewall...
runZero Research
BlackHat gems HP iLO 5 vulnerabilities
Each year, August arrives with promises of hot weather and cool security research talks. The DEF CON, Black Hat, and BSidesLV security conferences...
runZero Research
Fingerprinting Windows versions, AV, wireless cards over the network—all without authentication
Correctly identifying and categorizing network-connected systems without credentials is a tricky challenge and one of the fun parts of working at...
© Copyright 2024 runZero, Inc. All Rights Reserved