On March 2, 2021, Microsoft released several security updates to address at least seven critical vulnerabilities in supported versions of on-premise Microsoft Exchange Server. These vulnerabilities were observed being used in limited targeted ... READ MORE
Main Content
From the War Room Blog
Cisco Smart Install for Penetration Testing
Cisco Systems Inc. developed a widely used protocol to perform zero touch deployment of new infrastructure. This can include devices such as switches and routers and many other devices running Cisco IOS. This technology is called Smart Install. Smart ... READ MORE
Building a Vulnerable Box: RemoteMouse
At the start of every year, I review my lab repository of intentionally vulnerable machines and do my best to add new ones to the list. I recently came across a particularly interesting flaw, from a teaching perspective, and thought it would be worth ... READ MORE
How to have effective Enterprise Identity & Access Management (EIAM)
Your business operations can be complex and require multiple technologies such as applications, platforms, services and infrastructure. Effectively overseeing and controlling who has access to what across this landscape can be a daunting challenge. ... READ MORE
Investigating SolarWinds Impact
The recent disclosure of the SolarWinds Orion supply chain attack is just the latest widespread vulnerability that has targeted clients across the globe. This issue is still in the early stages of analysis by the cybersecurity community, and RSM is ... READ MORE
SolarWinds Orion Supply Chain Attack
On December 13, 2020, FireEye reported a major intrusion into several high-visibility targets stemming from malicious code inserted into SolarWinds Orion software update packages. An external nation-state-level threat actor compromised the network of ... READ MORE