Blog
-
DeepSurface Security Advisory: LPE in Firefox on Windows
3 min readFirefox is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Firefox users using the same Windows system.
-
DeepSurface Security Advisory: LPE in Adobe Reader on Windows
3 min readAdobe Reader is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Adobe Reader users using the same Windows system.
-
DeepSurface 2.4
3 min readDeepSurface 2.4 expands our reporting capabilities to enable exportable reports to XLSX and PDF, added support for Thycotic Secret Server PAM, easier setup/administration including emailing of generated reports, and enhancements of our windows agent.
-
DeepSurface now integrates with Microsoft Defender for Endpoint
2 min readDeepSurface announces integration with Microsoft Defender for Endpoint - now imports vulnerability scanner data, missing patches and misconfigurations across Microsoft, Linux and Mac hosts.
-
DeepSurface Security Advisory: LPEs in Node.js on Windows (CVE-2021-22921)
3 min readNode.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms.
-
DeepSurface Security Advisory: Local Privilege Escalation in RabbitMQ on Windows (CVE-2021-22117)
3 min readOverviewRabbitMQ is a popular open source message broker, used worldwide by companies like T-Mobile and SolarWinds. Its flexibility and speed makes it easy to integrate with other applications, such as SolarWinds Orion Platform. Since we previously reported CVE-2021-29221 against the popular programming language Erlang, we suspected RabbitMQ would be vulnerable
-
DeepSurface Security Advisory: Local Privilege Escalation in Confluence on Windows
3 min readOverviewAtlassian Confluence Server is a popular web-based corporate content management system, allowing remote teams to collaborate efficiently on projects. With over sixty thousand customers including Docker, Linkedin, and Twilio, vulnerabilities in Confluence could have a significant impact on a large user base. While performing detailed service permissions analysis using our
-
Announcing DeepSurface 2.2!
2 min readRelease 2.2 brings some exciting new features and changes in the form of tags and some UI/UX updates that make the product even easier to use.
-
Announcing DeepSurface 2.1!
2 min readWe’re thrilled to announce DeepSurface 2.1, an improvement on DeepSurface 2.0 that makes it even easier to use. We’ve reorganized some things, added different nomenclature for increased efficiencies allowing you discover and remediate risk even faster.
-
DeepSurface Security Advisory: Local Privilege Escalation in Octopus Deploy on Windows (CVE-2021-26556)
3 min readOverviewOctopus Deploy is a popular DevOps automation platform that enables teams to more efficiently manage configuration, API keys, and permissions. Octopus Server allows users to self-host this platform, and is installed as a service on the host. This service runs as Local System and is a very impactful target for
-
DeepSurface Security Advisory: Local Privilege Escalation in Erlang on Windows (CVE-2021-29221)
5 min readOverviewErlang is a popular general-purpose programming language and runtime environment, with support for concurrency commonly found on many distributed systems. When distributed on Windows machines, the Erlang emulator can also be run as a service with the erlsrv.exe command. This seems to be commonly used with popular software, such
-
DeepSurface 2.0 -- What’s New, and a Peek at What’s Next
2 min readOur mission is to equip cybersecurity teams with the best predictive vulnerability prioritization platform and allow them to quickly identify and reduce more cybersecurity risk every day. To that end, we’re proud to announce the release of DeepSurface 2.0!
-
Compliance and Cyber Security Risk Reduction Don’t have to be Enemies
10 min readHow to design a Cyber Vulnerability Management program that maximizes the ROI of your team’s work to be compliant and maximize the reduction of business risk at the same time. If the title of this article caught your eye, you likely work in cybersecurity or IT in a regulated
-
Windows Service Permissions and DLL Sideloading
8 min readAs any seasoned security professional knows, many published security vulnerabilities and attacks are over-hyped. What makes something newsworthy is not always that it poses a significant risk to most organizations. If an attack doesn’t appear to be technically sophisticated, it will often be overlooked. One class of security issue
-
Today, we’re proud to announce the General Availability of our namesake Predictive Vulnerability Management product, DeepSurface
4 min readToday we’re excited to announce the general availability of DeepSurface(R), representing four years of working towards our vision of the best vulnerability management platform available. Thanks to the whole team, we’re releasing the result of years of research, hard work, and determination. We’re proud to be