In order to provide you with the best experience possible we might sometimes track information about you. Sometimes this may involve writing a cookie. We use this information for things like experience enrichment, analytics and targeting advertising. We recommend allowing these functions to get the most out of your experience.
OK
Expert Insights: Building a World-Class OT Cybersecurity Program
/by Jane PaolucciIn an age where manufacturing companies are increasingly reliant on digital technologies and interconnected systems, the importance of robust cybersecurity programs cannot be overstated. While attending Manusec in Chicago this week, RedSeal participated on a panel of cybersecurity experts to discuss the key features, measurement of success, and proactive steps that can lead to a […]
5 Critical Steps to Identifying and Remediating Exfiltration Paths
/by Wayne Lloyd, Federal CTO, RedSealSummary. Cybersecurity risks continue to rise, further increasing the severity of long-term impacts.
The latest IBM Data Breach Report revealed 82% of breaches involved data stored in the cloud—public, private, or multiple environments, with attackers gaining access to multiple environments 39% of the time. In 2023, the average cost of a data breach reached an […]
Custom Best Practice Check for Detecting Juniper Firewall Vulnerabilities
/by Bill Burge, RedSeal Professional ServicesName: Juniper Firewall Vulnerability Detection Description: This Custom Best Practice Check (CBPC) detects potential vulnerabilities in Juniper firewalls that could lead to unauthorized access and remote code execution.
Rule: Regex: ^ *web-management \{(\r?\n) *htt.*
Explanation: This regular expression (regex) is designed to match specific configuration lines within a Juniper firewall’s configuration related to web management settings. […]
What the Rockwell Automation ThinServer Vulnerabilities Mean for Industrial Cybersecurity
/by Wayne Lloyd, Federal CTO, RedSealThe cybersecurity landscape is an ever-evolving domain with threats sprouting up constantly. The recent revelation concerning vulnerabilities in Rockwell Automation’s ThinManager ThinServer has highlighted the urgency for robust cybersecurity measures in the realm of industrial control systems (ICS).
Understanding the Rockwell Automation ThinServer Vulnerabilities
Rockwell Automation’s ThinManager ThinServer, a product designed for […]
Key Insights from Black Hat 2023: RedSeal’s Perspective
/by Greg EnriquezLast week approximately 40,000 cybersecurity professionals, researchers, and experts, met in Las Vegas for the annual Black Hat conference to discuss the latest trends, emerging threats, and groundbreaking technologies in cybersecurity. The RedSeal team engaged in all the event had to offer and left with several key takeaways into the current state of cybersecurity and […]
Finding Internet-facing Vulnerabilities: RedSeal Perspective on The Five Eyes Advisory
/by Dr. Mike Lloyd, CTO, RedSealToday, the international cybersecurity consortium known as The Five Eyes (Australia, Canada, New Zealand, the UK, and the US) published a joint Cybersecurity Advisory. It’s a scary read, on several fronts. It details the top 12 vulnerabilities that are actively being exploited, in current breaches. The advisory doesn’t detail the breaches, because a lot of that […]
Zero Trust 2.0: Why RedSeal Is Key to Executing a Zero Trust Strategy
/by Wayne Lloyd, Federal CTO, RedSealIn February 2023, a 21-year-old Massachusetts Air National Guard member accessed and posted hundreds of classified documents on voice over Internet Protocol (VoIP) and instant messaging platform Discord. The impacts were far-reaching. Not only is the Air Force working to understand how top secret information could be leaked so easily, but the base where the […]
Exploring the Implications of the New National Cyber Strategy: Insights from Security Experts
/by Dr. Mike Lloyd, CTO, RedSealPerspectives shared from Richard Clark and Mark Montgomery, covering new regulations, resilience planning and future challenges.
Advisory Notice: MOVEit Transfer Critical Vulnerability
/by RedSealCVE: CVE-2023-35708
Description:
Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted below in order to help protect your MOVEit Transfer environment. In Progress MOVEit […]
The Shifting Landscape of Cybersecurity: Top Considerations for CISOs
/by Sukesh Garg, Vice President, ProductAs we venture into the second half of 2023, it is crucial for CISOs and security professionals to stay ahead of the curve by understanding the trends that are poised to shape the future of the industry. In this blog, we will explore the key takeaways from the first half of 2023, which highlight the game-changing potential of AI, the influential role of market forces on security and resilience, the prevalence of multiple vendor architecture, the impact of public oversight on private operations, and the convergence of information technology (IT) and operational technology (OT).