Inside the First Week of an Internal Penetration Test: What Matters Most

Social Engineering Prevention in 2025—What Still Works (and...

How Social Engineering Is Evolving in 2025 Social engineering has always been a moving target. In...

How to Run a Ransomware Tabletop Exercise That Actually...

What If Your Team Were Hit by Ransomware Today? The screens are dark. File names are encrypted....

Inside the First Week of an Internal Penetration Test: What...

What happens if an attacker bypasses your security defenses and compromises your internal network?...

From Numbers to Narrative: Rethinking Cyber Security KPIs...

Every CISO wants to know: Are we actually reducing risk, or just reporting faster? In 2025,...

The Role of Retesting in Vulnerability Remediation...

Summary: Post-remediation validation represents an important component of comprehensive security...

How to Build an IAM Adoption Strategy Rooted in People, Not...

“One technical mentor to show me how things work, and one cultural mentor to show me how things...

Transition Trap: Why WPA3 Isn’t Bulletproof Against an Evil...

WPA3 was designed to improve wireless security, but when misconfigured, it can still leave networks...

Tales of the Unexpected: When Physical Security Fails

“No, ma’am. I can’t beep you in right now, I...

Sample PHI HIPAA Risk Technology Assessment for a...

Engagement Objectives Our goal wasn’t just to provide a checklist of risks but to deliver real,...

Top 8 Cyber Threat Maps to Monitor Global Cyber Attacks

Improving OT Security in Food & Agriculture: A RedLegg Case...

This case study examines how RedLegg’s advisory team assessed and improved the OT security posture...

4 Essential Business Cybersecurity Testing Strategies

Vulnerability Scanning Best Practices: 6 Key Steps to...

Threat Intel: ATP27, FRP, TTNG, and More…

EXECUTIVE SUMMARY THREAT INTELLIGENCE AT REDLEGG This report serves as a comprehensive resource,...

9 Ways to Leverage SIEM Integration for Faster and More...

Introduction to SIEM Integration Security Information and Event Management (SIEM)technology...

THREAT PROFILE: SILK TYPHOON

THREAT TYPE(S):State-Sponsored Threat PLATFORMS EFFECTED:Windows ALIASES:Exchange Marauder,...

EDR vs. SIEM: Prioritizing Your Security...

Choosing the right security strategy is crucial to mitigating these threats effectively. Among the...

Identity and Access Management Best Practices: 5 Tips for...

The modern enterprise is rooted in data—and the security of this data is paramount.

Summoning Cyber Awareness: Exorcising the Malevolent Realm...

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity &...

Nessus Scanner Best Practices For Common Issues

As our networks, systems, devices, and apps proliferate, the potential attack surfaces available for

How to Prevent Denial of Service Attacks: 3 Tools to Test...

10 Best Mobile Application Penetration Testing Tools and...

External vs Internal Pen Tests: Why Both Are Important For...

7 Types of Cyber Threat Actors: Motivations, Methods, and...

SIEM Alerts Best Practices: Tuning, Examples, and Reducing...

Every day, cyber threat actors look for weaknesses in connected devices, networks, and enterprise...

What Is Vulnerability Scanning? How It Works and Why It...

While connectivity is an essential lifeline of...

Patch Tuesday - August 2023

*Important note: These are not the only vulnerabilities that have been recently released; however,...

How to Read a Vulnerability Assessment Report

As the cybersecurity field continues to evolve and...

How To Operationalize Your SIEM Integration

Implementing Security Information and Event Management (SIEM) into your organization's...

The Seven Pen Test Steps

To thoroughly assess an organization's security, a...

Emergency Vulnerability Bulletin - 11/30/22

About:RedLegg will occasionally communicate vulnerabilities released outside the usual release...

Emergency Vulnerability Bulletin - 11/29/22

Oracle Fusion Middleware Unspecified Vulnerability Identifier: CVE-2022-35587 Exploit or POC: ...

Emergency Vulnerability Bulletin - 11/28/22

Google Chrome Heap Buffer Overflow Vulnerability Identifier: CVE-2022-4135 Exploit or POC: Yes...

Critical Security Bulletin - 11/08/22

About: In an effort to provide additional value to our customers RedLegg will be releasing...

9 Essential Cybersecurity Tools to Test and Secure Your...

Securing your network is an ongoing responsibility...

Emergency Vulnerability Bulletin - 11/01/22

X.509 Email Address 4-Byte Buffer Overflow Vulnerability Identifier: CVE-2022-3602 Exploit or...

SECURITY BLOG: ZERO-DAY VULNERABILITIES

ABOUT In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be providing...

SECURITY BLOG: THE HISTORY OF COBALT STRIKE

ABOUT In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be providing...

SECURITY BLOG: PHISHING

ABOUT:In recognition of Cyber Security Awareness Month, RedLegg’s 96 Bravo team will be...

Emergency Vulnerability Bulletin - 10/17/22

Apache Commons Text Remote Code Execution Vulnerability Identifier: CVE-2022-42889 Exploit or...

Critical Security Bulletin - 10/11/22

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability Identifier:...

Emergency Vulnerability Bulletin - 10/07/22

Fortinet FortiOS & FortiProxy Authentication Bypass Vulnerability Identifier: CVE-2022-40684 ...

8 Steps to Building an Effective Threat and Vulnerability...

As the threat of cyber attacks continues to...

Emergency Vulnerability Bulletin - 09/30/22

Atlassian Bitbucket Server and Data Center Vulnerability Identifier: CVE-2022-36804 Exploit or...

Emergency Vulnerability Bulletin - 09/30/22

Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability Identifier: ...

What Is Threat Modeling?

As the years go by, companies of all sizes are...

Log4j In-Depth

About On December 9th, 2021, a severe vulnerability (CVE-2021-44228) was released for the widely...

Critical Vulnerability Bulletin December 2021

LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046

Critical Vulnerability Bulletin Update for Log4J

LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046

Emergency Vulnerability Bulletin

LOG4J Remote Code Execution Vulnerability Identifier: CVE-2021-44228 Exploit or POC: YES. ...

Critical Vulnerabilities Bulletin November 2021

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability Identifier: CVE-2021-26443

Critical Vulnerabilities Bulletin October 2021

Microsoft Exchange Server Remote Code Execution Vulnerability Identifier: CVE-2021-26427 ...

Critical Vulnerabilities Bulletin -September 2021

Open Management Infrastructure Remote Code Execution Vulnerability Identifier: CVE-2021-38647 ...

Emergency Vulnerability Bulletin

Microsoft MSHTML Remote Code Execution Vulnerability Identifier: CVE-2021-40444 Exploit or POC:...

Critical Vulnerabilities Bulletin -August 2021

Windows Update Medic Service Elevation of Privilege Vulnerability Identifier: CVE-2021-36948 ...

Critical Vulnerabilities Bulletin 2nd Edition- July 2021

Windows Print Spooler Remote Code Execution Vulnerability Identifier: CVE-2021-34527 Exploit or...

Critical Vulnerabilities Bulletin - July 2021

Kaseya's VSA Product Supply Chain Attack & Ransomware Event

MSSP, SIEM, and MDR: What Are The Key Differences?

Security News For June 2021

Did you catch the latest security news? Check out the 4 news links that caught our team's...

Critical Vulnerabilities Bulletin - May 2021

How do these critical vulnerabilities affect your business? See the latest bulletin from our...

Security News - Links For May 2021

Did you catch the latest security news? Check out the 5 news links that caught our team's...

Security News - Links For April 2021

Did you catch the latest security news? Check out the 16 news links that caught our team's...

LogRhythm SIEM Best Practices Workshop Returns

The crowd-favorite SIEM workshop is back for those looking to advance their skills and optimize...

[February 2021] Security News Roundup

Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've...

Critical Vulnerabilities - January 2021 Bulletin

How do these critical vulnerabilities affect your business? See the latest bulletin from our...

Further Info, Resources On FireEye Security Breach

It has been brought to RedLegg’s attention that the breaches at Fireeye, The Treasury Department,...

Critical Vulnerabilities of December 2020

Do any of these critical vulnerabilities affect your business?

FireEye Security Breach - Your Next Steps

After reviewing all the released details regarding the FireEye security breach, RedLegg recommends...

Critical Vulnerabilities of November 2020

In this month's security bulletin, we had a few active exploits*. Do any of these critical...

Your Guide To Vulnerability Categories And Severity-Levels

Is your team tackling vulnerabilities across all three categories to best protect your organization?

The 17 Critical Vulnerabilities In Latest Security Bulletin

In this month's security bulletin, we've got a whopping 17 critical vulnerabilities described. ...

Understanding the CMMC Framework Levels

As those in the Defense Industrial Base (DIB) look into the CMMC requirements, what exactly are the...

New Talks At The Free 1-Day SIEM Bootcamp

The crowd-favorite SIEM workshop is back as a virtual 1-day bootcamp, featuring two new talks for...

RedLegg Named To MSSP Alert's Top 250 MSSP List For 2020

Honored as a leading MSSP, MDR cybersecurity company worldwide.

Why These 4 New Critical Vulnerabilities Need Mitigated...

There are quite a few remote code execution vulnerabilities revealed in the latest security...

News Roundup From A CISO

Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've...

What Is CMMC, And What Does It Mean For The DIB?

The Defense Industrial Base (DIB) will soon be mandated to meet new security requirements in...

Critical Infrastructure Protection And Security with Phil...

We're reviving an oldie-but-a-goodie this week as we revisit the heart of Critical Infrastructure...

RedLegg Managed Security's New Automation Service

Chicago, IL, August 20, 2020 — RedLegg announced today that they have replaced their home-grown...

News Clips From A CISO

Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've...

Critical Vulnerabilities - July 2020 Recap

Check out last month's list of critical vulnerabilities provided by RedLegg's threat research team.

Optimizing Your Vulnerability Scans: From Beginning To End

A vulnerability scan should be concentrated on compiling a complete catalogue of vulnerabilities...

News Clips From A CISO

Whether your organization has a CISO or someone looking after CISO-level responsibilities, we've...

Cybersecurity Virtual Events Roundup | RedLegg Events

Join us in our upcoming events – Learn new things, compete with your colleagues, and meet some new...

Midwest Threat Day - RedLegg's JD Bacon Presenting

Anomali is hosting a virtual cyber threat intelligence briefing with Flashpoint and RedLegg....

Cybersecurity News

In your efforts to fix, and be prepared for, everything, here's RedLegg's cyber news update,...

Happy Hour Club Raises Money For Chicago Community

Thank you to everyone who registered and attended our latest Happy Hour Club meeting!

What Is A Honeypot?

Your organization's cybersecurity team can gather...

RedLegg's Updated Certification: SOC II

RedLegg, global and veteran-owned cybersecurity firm based in the Chicago-area, has an updated SOC 2

FBI PSA: 3 Cyber Fraud Schemes To Watch For During COVID-19

The FBI introduces three fraud schemes in their latest PSA that they've seen trend during this...

Cybersecurity Recommendations: Response To COVID-19

As the US is responding to the Coronavirus pandemic, companies and...