Zero Trust Network Architecture in Practice: How Conditional Access Gets Bypassed in 2025

Phishing Isn’t a Tool Problem — It’s a Decision Problem

Zero Trust Network Architecture in Practice: How...

For those hungry for technical implementation details and specific bypass methods, jump to the...

Automation Backed by Human Intelligence: Why the Future of...

“AI-only MDR? Even if it’s 90% accurate, that still means you’re missing things — and the risk of...

Tabletop Exercises: The Missing Piece in Business...

A documented incident response (IR) plan is often treated like a security milestone. It's the sign...

What SOC 2 Doesn’t Tell You About Third‑Party Risk

Does a clean SOC 2 report mean your vendor is secure? While SOC 2 is an important compliance...

Social Engineering Prevention: What Still Works (and What...

How Social Engineering Is Evolving in 2025 Social engineering has always been a moving target. In...

How to Run a Ransomware Tabletop Exercise That Actually...

What If Your Team Were Hit by Ransomware Today? The screens are dark. File names are encrypted....

Inside the First Week of an Internal Penetration Test: What...

What happens if an attacker bypasses your security defenses and compromises your internal network?...

Essential Cybersecurity KPIs for Measuring Security...

Every CISO wants to know: Are we actually reducing risk, or just reporting faster? Measuring...

The Role of Retesting in Vulnerability Remediation...

Summary: Post-remediation validation represents an important component of comprehensive security...

How to Build an IAM Adoption Strategy Rooted in People, Not...

“One technical mentor to show me how things work, and one cultural mentor to show me how things...

Transition Trap: Why WPA3 Isn’t Bulletproof Against an Evil...

WPA3 was designed to improve wireless security, but when misconfigured, it can still leave networks...

Tales of the Unexpected: When Physical Security Fails

“No, ma’am. I can’t beep you in right now, I...

Sample PHI HIPAA Risk Technology Assessment for a...

Engagement Objectives Our goal wasn’t just to provide a checklist of risks but to deliver real,...

Top 8 Cyber Threat Maps to Monitor Global Cyber Attacks

Improving OT Security in Food & Agriculture: A RedLegg Case...

This case study examines how RedLegg’s advisory team assessed and improved the OT security posture...

4 Essential Business Cybersecurity Testing Strategies

Vulnerability Scanning Best Practices: 6 Key Steps to...

Threat Intel: ATP27, FRP, TTNG, and More…

EXECUTIVE SUMMARY THREAT INTELLIGENCE AT REDLEGG This report serves as a comprehensive resource,...

9 Ways to Leverage SIEM Integration for Faster and More...

Introduction to SIEM Integration Security Information and Event Management (SIEM)technology...

THREAT PROFILE: SILK TYPHOON

THREAT TYPE(S):State-Sponsored Threat PLATFORMS EFFECTED:Windows ALIASES:Exchange Marauder,...

EDR vs. SIEM: Prioritizing Your Security...

Choosing the right security strategy is crucial to mitigating these threats effectively. Among the...

Identity and Access Management Best Practices: 5 Tips for...

The modern enterprise is rooted in data—and the security of this data is paramount.

Summoning Cyber Awareness: Exorcising the Malevolent Realm...

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity &...

Nessus Scanner Best Practices For Common Issues

As our networks, systems, devices, and apps proliferate, the potential attack surfaces available for

How to Prevent Denial of Service Attacks: 3 Tools to Test...

10 Best Mobile Application Penetration Testing Tools and...

External vs Internal Pen Tests: Why Both Are Important For...

7 Types of Cyber Threat Actors: Motivations, Methods, and...

SIEM Alerts Best Practices: Tuning, Examples, and Reducing...

Every day, cyber threat actors look for weaknesses in connected devices, networks, and enterprise...

What Is Vulnerability Scanning? How It Works and Why It...

While connectivity is an essential lifeline of...

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however,...

How to Read a Vulnerability Assessment Report

As the cybersecurity field continues to evolve and...

How To Operationalize Your SIEM Integration

Implementing Security Information and Event Management (SIEM) into your organization's...

The Seven Pen Test Steps

To thoroughly assess an organization's security, a...

Emergency Vulnerability Bulletin - 11/30/22

About:RedLegg will occasionally communicate vulnerabilities released outside the usual release...

Emergency Vulnerability Bulletin - 11/29/22

Oracle Fusion Middleware Unspecified Vulnerability Identifier: CVE-2022-35587 Exploit or POC: ...

Emergency Vulnerability Bulletin - 11/28/22

Google Chrome Heap Buffer Overflow Vulnerability Identifier: CVE-2022-4135 Exploit or POC: Yes...

Critical Security Bulletin - 11/08/22

About: In an effort to provide additional value to our customers RedLegg will be releasing...

9 Essential Cybersecurity Tools to Test and Secure Your...

Securing your network is an ongoing responsibility...

Emergency Vulnerability Bulletin - 11/01/22

X.509 Email Address 4-Byte Buffer Overflow Vulnerability Identifier: CVE-2022-3602 Exploit or...

SECURITY BLOG: ZERO-DAY VULNERABILITIES

ABOUT In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be providing...

SECURITY BLOG: THE HISTORY OF COBALT STRIKE

ABOUT In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be providing...

SECURITY BLOG: PHISHING

ABOUT:In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be...

Emergency Vulnerability Bulletin - 10/17/22

Apache Commons Text Remote Code Execution Vulnerability Identifier: CVE-2022-42889 Exploit or...

Critical Security Bulletin - 10/11/22

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability Identifier:...

Emergency Vulnerability Bulletin - 10/07/22

Fortinet FortiOS & FortiProxy Authentication Bypass Vulnerability Identifier: CVE-2022-40684 ...

8 Steps to Building an Effective Threat and Vulnerability...

As the threat of cyber attacks continues to...

Emergency Vulnerability Bulletin - 09/30/22

Atlassian Bitbucket Server and Data Center Vulnerability Identifier: CVE-2022-36804 Exploit or...

Emergency Vulnerability Bulletin - 09/30/22

Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability Identifier: ...

What Is Threat Modeling?

As the years go by, companies of all sizes are...

Log4j In-Depth

About On December 9th, 2021, a severe vulnerability (CVE-2021-44228) was released for the widely...

Critical Vulnerability Bulletin December 2021

LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046

Critical Vulnerability Bulletin Update for Log4J

LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046

Emergency Vulnerability Bulletin

LOG4J Remote Code Execution Vulnerability Identifier: CVE-2021-44228 Exploit or POC: YES. ...

Critical Vulnerabilities Bulletin November 2021

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability Identifier: CVE-2021-26443