runZero Blog

June 8, 2023

An accurate and full asset inventory is vital for an effective security program. Understand the risks and limits of using spreadsheets to manage cyber assets, and how runZero compares.

June 3, 2023

Reports of active exploitation of a zero-day vulnerability in the MOVEit file transfer software are making the rounds this week. The vendor, Progress Software, has released an advisory and this issue has now been assigned CVE-2023-34362. Attackers are abusing a SQL injection …

June 2, 2023

Exploitation of Barracuda Email Security Gateway (ESG) appliances has made the news recently, including on-going investigation into the attacks. Leveraging a zero-day vulnerability as far back as October 2022, attackers compromised ESG targets to deploy malware that created …

May 31, 2023

Last month, Zyxel disclosed a remote command execution vulnerability affecting a handful of their product families. This vulnerability has been assigned CVE-2023-28771, and with a CVSSv3 score of 9.8, this vulnerability is considered highly critical. Attackers who send a …

May 30, 2023

When incident responders find assets that are compromised but can’t find them in the asset inventory, many teams realize that they went down the wrong path; EDR works well for endpoint protection but not asset inventory. Let’s examine why.

May 17, 2023

Cisco recently disclosed several highly critical vulnerabilities that affect some of their Ethernet switches designed for small businesses. With a CVSSv3 score of 9.8, these vulnerabilities (assigned CVE-2023-20024, CVE-2023-20156, and CVE-2023-20157) are due to various …

May 12, 2023

Watch Chris Kirsch chat with Chris Nickerson, then Roger Rustad to talk pentesting “war stories”, and how runZero has helped the Fortinet team.

May 9, 2023

What’s new with runZero 3.8? Identify and triage risky assets Public preview of goal tracking Protocol improvements New and improved fingerprints Passwordless logins Identify and triage risky assets runZero customers can now identify risky assets across their …

April 20, 2023

PaperCut recently revealed that two products in its popular line of print server software contain severe vulnerabilities currently being exploited in the wild. Reported via the Trend Micro Zero Day Initiative, these vulnerabilities can be exploited by unauthenticated …

April 13, 2023

Asset inventory is the foundation of a strong cybersecurity posture. It is often considered the first step in identifying vulnerabilities and potential risks to your organization’s security.