About On December 9th, 2021, a severe vulnerability (CVE-2021-44228) was released for the widely utilized Apache Log4j logging library. This library is a Java-based logging utility used in vendor applications and hardware appliances. The vulnerability allows an attacker to remotely execute code on versions 2.0 and 2.15.0. Apache has released a patch and it is advised that the ...
LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046 Exploit or POC: YES. ...
LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046 Exploit or POC: YES. ...
LOG4J Remote Code Execution Vulnerability Identifier: CVE-2021-44228 Exploit or POC: YES. Update: ...
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability Identifier: CVE-2021-26443 Exploit or POC: ...
Microsoft Exchange Server Remote Code Execution Vulnerability Identifier: CVE-2021-26427 Exploit or POC: No. Update: ...
Open Management Infrastructure Remote Code Execution Vulnerability Identifier: CVE-2021-38647 Exploit or POC: No. ...
Microsoft MSHTML Remote Code Execution Vulnerability Identifier: CVE-2021-40444 Exploit or POC: Yes Update: ...
When an incident happens what is one of the first questions that are asked? "Do you have a SIEM?" "Are you collecting ...
Windows Update Medic Service Elevation of Privilege Vulnerability Identifier: CVE-2021-36948 Exploit or POC: Yes. ...
Windows Print Spooler Remote Code Execution Vulnerability Identifier: CVE-2021-34527 Exploit or POC: Yes. Update: ...
Kaseya's VSA Product Supply Chain Attack & Ransomware Event
What is MDR? Managed Detection & Response is a proactive service. With MDR, the analyst is actively looking for ...
Did you catch the latest security news? Check out the 4 news links that caught our team's attention this month.
How do these critical vulnerabilities affect your business? See the latest bulletin from our threat research team.
Did you catch the latest security news? Check out the 5 news links that caught our team's attention this month.
Did you catch the latest security news? Check out the 16 news links that caught our team's attention this month.
The crowd-favorite SIEM workshop is back for those looking to advance their skills and optimize their LogRhythm ...
Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've provided a few news ...
How do these critical vulnerabilities affect your business? See the latest bulletin from our threat research team ...
It has been brought to RedLegg’s attention that the breaches at Fireeye, The Treasury Department, and The Commerce ...
Do any of these critical vulnerabilities affect your business?
After reviewing all the released details regarding the FireEye security breach, RedLegg recommends all customers with ...
In this month's security bulletin, we had a few active exploits*. Do any of these critical vulnerabilities affect your ...
Is your team tackling vulnerabilities across all three categories to best protect your organization?
In this month's security bulletin, we've got a whopping 17 critical vulnerabilities described. Do any of these affect ...
As those in the Defense Industrial Base (DIB) look into the CMMC requirements, what exactly are the different levels of ...
The crowd-favorite SIEM workshop is back as a virtual 1-day bootcamp, featuring two new talks for advanced users of the ...
Honored as a leading MSSP, MDR cybersecurity company worldwide.
There are quite a few remote code execution vulnerabilities revealed in the latest security bulletin provided by our ...
Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've provided a few news ...
The Defense Industrial Base (DIB) will soon be mandated to meet new security requirements in Department of Defense ...
We're reviving an oldie-but-a-goodie this week as we revisit the heart of Critical Infrastructure Protection and SCADA ...
Chicago, IL, August 20, 2020 — RedLegg announced today that they have replaced their home-grown automation and analysis ...
Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've provided a few news ...
Check out last month's list of critical vulnerabilities provided by RedLegg's threat research team.
A vulnerability scan should be concentrated on compiling a complete catalogue of vulnerabilities that affected the ...
Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've provided a few news ...
Join us in our upcoming events – Learn new things, compete with your colleagues, and meet some new faces this July!
While Nessus is a widely common scanning platform, there are a few best practices to consider when completing your scan ...
Anomali is hosting a virtual cyber threat intelligence briefing with Flashpoint and RedLegg. Industry thought-leaders ...
In your efforts to fix, and be prepared for, everything, here's RedLegg's cyber news update, featuring the articles ...
Thank you to everyone who registered and attended our latest Happy Hour Club meeting!
Cyber threats can be quite elusive and intangible: who are the people behind cyber attacks and where are they targeting ...
Your organization's cybersecurity team can gather threat intelligence through various ways, such as through open-source ...
RedLegg, global and veteran-owned cybersecurity firm based in the Chicago-area, has an updated SOC 2 certification with ...
The FBI introduces three fraud schemes in their latest PSA that they've seen trend during this season of the ...
As the US is responding to the Coronavirus pandemic, companies and government/non-government organizations are ...
Access Experts Live – Wednesday, March 11th @ 2 p.m. CST What is often considered the overlooked portion of your ...
It’s been a bit more than a year since GDPR took effect, but many organizations have yet to build their compliance ...
Creating a robust defense relies on an intimate knowledge of the enemy, their motivations, and goals. The core ...
Many organizations, maybe even yours included, have major flaws in their security operations. To help solve your ...
Are you using the full extent of your resources in order to get your work done?
When you're tasked with securing your customers' rich data, and you don't have 100% access to your own systems, you're ...
We're turning the MDR vs SIEM argument on its head! MDR may be the new buzzword around town, but at the end of the day, ...
We like to say, consistent communication provides peace of mind. The same should be said when it comes to your managed ...
When you're tasked with overseeing governance, risk management, compliance, and the firm's security technologies along ...
In previous articles, we’ve reviewed what the OWASP Top 10, testing guide, and ASVS are as well as how they may guide ...
In a previous article, we explored OWASP Top 10, testing guide, and ASVS, but how does OWASP apply to your security ...
Open Web Application Security Project (OWASP) Top 10 was created to show the critical risks facing applications, was ...
Although vetting your potential SIEM service providers is an important task, for obvious reasons, we find that the ...
SIEM technology helps to provide a much needed window into the logging and alerting activity taking place in your ...
Implementing Security Information and Event Management (SIEM) into your organization's infrastructure can be a valuable ...
Let's be honest: You have a lot going on, and it can be difficult to know if your security tools are working well ...
Security Information and Event Management (SIEM) platforms play a critical role in real-time response to threat ...
Today's organizations face unique challenges when protecting themselves against modern cybersecurity threats. Now more ...
While partnerships for pen testing and advisory services are crucial to the development of your security operations, ...
Launching a well-developed and adequately formatted SIEM platform requires time, effort, and most importantly, ...
If you’re hiring a company to help with your company’s SIEM, you can normally choose from two options: co-managed and ...
In an age where digital security is of paramount importance, nothing could be more critical for a growing business than ...
If you're beginning to research Security Incident and Event Management (SIEM) for your company, you may very well be ...
Recorded Wednesday, October 30th @ 11 a.m. CST When a CEO, an IT guy, and a CISO walk into a room... They're all bound ...
When thinking about the cost of managed SIEM, we know that in secret you might actually be wondering about the ...
Our penetration testing and security experts gave their insight on the value, and pitfalls, of the OWASP Top 10, ...
While your Incident Response Plan is a necessary part of your cybersecurity and InfoSec strategy, tabletop exercises ...
On August 15th, RedLegg hosted a successful workshop in Chicago for security professionals interested in Incident ...
Live Webinar - Wednesday, August 28 at 11 a.m. CST // 12 p.m. EST The conversations that a couple of security ...
In a landscape of advancing threats, building your security operations center is becoming more critical for company ...
Are you using the full extent of your resources in order to best protect your company?
The reporting phase may be the most critical part of your penetration test... Does your pen testing report better ...
Arguably the most important change in data privacy regulation in the past 20 years, GDPR can be daunting, yet this ...
On July 25th, RedLegg hosted a successful full-day workshop in Chicago for local LogRhythm® SIEM users. RedLegg’s ...
Can your team handle an incident? Will your team's response be effective?
You’ve heard it before: for most organizations, it’s not a matter of if they will be a target of a cyber attack—it’s a ...
Cybersecurity has quickly become a critical necessity for every business, and more so than ever before, IT teams and ...
After completing your organization’s Incident Response Plan, you must be prepared to use that plan amongst your teams. ...
A data breach is a cyber incident where sensitive information is attained through accidental or malicious means, and it ...
A tabletop exercise can validate your Incident Response Plan but conducting an effective tabletop with your Information ...
Live Webinar Recorded Wednesday, July 24 at 11 a.m. CST // 12 p.m. EST Now Available On Demand!
In the world of cybersecurity, we are well-aware of the increasing potential impact, and sophistication of, attacks on ...
In leading your organization’s information security practices and behaviors, your Incident Response Plan must become a ...
Year after year, cybersecurity risks continue to be a growing concern for companies of all sizes. But depending on your ...
Denial of Service (DoS) attacks have been orchestrated by a multitude of threat actors, from nation-states to vigilante ...
In your efforts to fix everything, here’s RedLegg’s cyber-news update, featuring some of the top vulnerabilities, ...
A strong penetration testing methodology evaluates the organization’s security posture, is comprehensive, and is not ...
With the complexity of software and network architecture increasing with every passing day, closing security loopholes ...
Mobile apps are just as susceptible to risk as any other platform. In today’s connected world, a single app attack on ...
The cybersecurity field is becoming ever more fractured and specialized. Even the most seasoned IT professionals can ...
