February 3, 2023
Printer manufacturer Lexmark recently published details on a vulnerability that affects over 100 of their printer models. Learn how runZero can help you find potentially affected assets.
December 9, 2022
Cisco 7800 and 8800 IP phones can be found in many companies and organizations. Successful exploitation of this vulnerability can provide an unauthenticated attacker in the same network segment or VLAN with remote code execution or denial-of-service capabilities.
December 5, 2022
MegaRAC can be found in many server manufacturers’ Baseboard Management Controllers (BMCs), including AMD, Ampere Computing, ASRock, Asus, ARM, Dell EMC, Gigabyte, HPE, Huawei, Inspur, Lenovo, Nvidia, Qualcomm, Quanta, and Tyan. Successful exploitation of these …
November 1, 2022
The OpenSSL project team recently disclosed two vulnerabilities which affect OpenSSL 3.0.0 through 3.0.6 releases. Find systems running potentially vulnerable instances of OpenSSL in your network.
October 28, 2022
How do you find unmanaged devices on your network when they aren’t accounted for? Learn how you can use runZero to find unmanaged devices on your network.
October 11, 2022
A critical authentication bypass vulnerability was found in the web administration interface of some Fortinet products. Tracked as CVE-2022-40684, successful exploitation of this vulnerability via crafted HTTP and HTTPS requests can provide remote attackers with admin-level …
August 4, 2022
The Trellix Threat Labs Vulnerability Research team recently published vulnerability details affecting almost 30 models of DrayTek Vigor routers. This vulnerability resides in the management interface login page and is trivial to exploit via buffer overflow. An …Read More
June 21, 2022
Last month, researcher Alex Nichols at Nettitude reported a vulnerability in Microsoft’s Windows VPN software that could allow for remote code execution or local privilege escalation by an attacker. This vulnerability lies in a use-after-free condition that can occur in the …Read More
June 7, 2022
Rumble Network Discovery is now runZero! Josh Lucas, a cybersecurity engineer at Loop Secure, recently took first place in Microsoft’s Sentinel Hackathon for his submission, “[runZero]” Network Discovery solution for Microsoft Sentinel.” For his project, Josh was …Read More
June 3, 2022
An actively exploited zero-day has surfaced in popular wiki software Confluence. Deemed “critical” in severity, this vulnerability affects all supported versions of Confluence Server and Confluence Data Center, and also older, unsupported versions (i.e. everything after …Read More